Cybersecurity Articles
90/68 Thursday, March 6, 2025 Broadcom has released security updates to address three actively exploited zero-day vulnerabilities in VMware ESX products. These vulnerabilities affect VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform. The Microsoft Threat Intelligence Center discovered these flaws, noting that attackers with Administrator or Root privileges in a virtual machine […]
89/68 Thursday, March 6, 2025 Security researchers from Trend Micro have revealed a sophisticated cyberattack that uses social engineering tactics along with commonly used remote access tools to infiltrate target systems. This attack involves the BackConnect malware, which enables hackers to maintain continuous control over victims’ devices and steal sensitive data. Most incidents have occurred […]
88/68 Wednesday, March 5, 2025 The U.S. government has announced the recovery of over $31 million in stolen cryptocurrency from the 2021 Uranium Finance hack. The decentralized finance (DeFi) platform was hacked twice in April of that year, resulting in total losses exceeding $53 million. Hackers exploited a vulnerability in the platform’s smart contract to […]
87/68 Wednesday, March 5, 2025 In 2024, global ransomware attacks surged to 5,414 incidents, marking an 11% increase compared to 2023. The most significant spikes were observed in Q2 and Q4, with Q4 alone accounting for 1,827 incidents—33% of the total. Law enforcement crackdowns on major ransomware groups, such as LockBit, led to the fragmentation […]
86/68 Tuesday, March 4, 2025 Cisco has released security updates to address vulnerabilities affecting Nexus 3000 and Nexus 9000 series switches running NX-OS in standalone mode. The first vulnerability, CVE-2025-20111 (CVSS 7.4), stems from improper handling of Ethernet frames, allowing an attacker within the same network to send specially crafted frames that can cause the […]
85/68 Tuesday, March 4, 2025 QR codes have become an essential tool in daily life, allowing users to quickly access websites, make payments, or view digital menus. However, cybercriminals have taken advantage of this popularity to commit fraud through a method known as QR phishing or quishing. They lure victims into scanning fake QR codes, […]
84/68 Monday, March 3, 2025 Microsoft has issued a warning that ransomware groups are actively exploiting a zero-day vulnerability in the BioNTdrv.sys driver of Paragon Partition Manager to attack systems and escalate privileges to SYSTEM level. The vulnerability, identified as CVE-2025-0289, is one of five security flaws found in driver versions older than 2.0.0. Hackers […]
83/68 Monday, March 3, 2025 The cybercriminal group Qilin has claimed responsibility for a cyberattack on Lee Enterprises, a major U.S. media company, on February 3. The attack disrupted the company’s operations, and the hackers have threatened to release the stolen data on March 5 unless a ransom is paid. The leaked data reportedly includes […]
82/68 Friday, February 28, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities—CVE-2023-34192 in Synacor Zimbra Collaboration Suite (ZCS) and CVE-2024-49035 in Microsoft Partner Center—to its Known Exploited Vulnerabilities (KEV) catalog. Details of these vulnerabilities are as follows: To mitigate risks associated with these vulnerabilities, agencies under the Federal Civilian Executive […]
81/68 Friday, February 28, 2025 Researchers from Palo Alto Networks Unit 42 have discovered a previously undocumented Linux malware named Auto-Color, which has been targeting universities and government organizations in North America and Asia between November and December 2024. This malware allows attackers to gain full remote access to infected systems, making its removal extremely […]
