“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures [email protected] (The Hacker News)
North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. “In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spreadRead More
-
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers [email protected] (The Hacker News)
Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. “The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue,” ReliaQuest said in a report published this…
-
Why NHIs Are Security’s Most Dangerous Blind Spot [email protected] (The Hacker News)
When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities (NHIs). At the top of mind when NHIs are mentioned, most…
-
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers [email protected] (The Hacker News)
Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below – CVE-2025-27610 (CVSS score: 7.5) – A path…
-
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks [email protected] (The Hacker News)
Cybersecurity researchers are warning about a new malware called DslogdRAT that’s installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were “installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024,” JPCERT/CC researcher YumaRead…
-
Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)
What is the Vulnerability?A critical path traversal vulnerability has been identified in Commvault’s Command Center Innovation Release. The vulnerability, tracked as CVE-2025-34028, has been assigned a CVSS score of 9.0. This flaw allows unauthenticated remote attackers to upload specially crafted ZIP files. When these files are expanded by the server, they can lead to arbitrary…
-
Software supply chain security AI agents take action
Three software supply chain security vendors join the AI agent trend that is sweeping tech, as AI-generated code threatens to overwhelm human security pros.Read More
-
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware [email protected] (The Hacker News)
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea’s software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected inRead…
-
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure [email protected] (The Hacker News)
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. “We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure,” VulnCheck said in a report shared…
-
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools [email protected] (The Hacker News)
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a “major blind spot in Linux runtime security tools,” ARMO said. “This mechanism allows a user application to perform various actions without using system calls,” the company said…
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova