Internet Security

Citrix addressed NetScaler console privilege escalation flaw

February 20, 2025 add comment
Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions. Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS... Read more »

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

February 20, 2025 add comment
Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the... Read more »

Russia-linked APTs target Signal messenger

February 19, 2025 add comment
Russia-linked threat actors exploit Signal ‘s “linked devices” feature to hijack accounts, per Google Threat Intelligence Group. Google Threat Intelligence Group (GTIG) researchers warn of multiple Russia-linked threat actors... Read more »

Venture capital firm Insight Partners discloses security breach

February 19, 2025 add comment
Venture capital firm Insight Partners suffered a cyberattack involving unauthorized access to its information systems. A cyber attack hit venture capital firm Insight Partners, threat actors gained unauthorized access... Read more »

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

February 19, 2025 add comment
Two OpenSSH vulnerabilities could allow machine-in-the-middle (MitM) and denial-of-service (DoS) attacks under certain conditions. The Qualys Threat Research Unit (TRU) has discovered two vulnerabilities in OpenSSH. The first, tracked as CVE-2025-26465... Read more »

U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog

February 19, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added... Read more »

Juniper Networks fixed a critical flaw in Session Smart Routers

February 18, 2025 add comment
Juniper Networks has addressed a critical vulnerability, tracked as CVE-2025-21589, impacting the Session Smart Router. Juniper Networks addressed a critical authentication bypass vulnerability, tracked as CVE-2025-21589 (CVSS score of 9.8),... Read more »

China-linked APT group Winnti targets Japanese organizations since March 2024

February 18, 2025 add comment
China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered... Read more »

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

February 18, 2025 add comment
Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. Rapid7 researchers discovered vulnerabilities in Xerox Versalink C7025... Read more »

New XCSSET macOS malware variant used in limited attacks

February 18, 2025 add comment
Microsoft discovered a new variant of the Apple macOS malware XCSSET that was employed in limited attacks in the wild. Microsoft Threat Intelligence discovered a new variant of the macOS malware... Read more »
Subscribe to our Newsletter