Information Technology Security Awareness Posts

Hackers Exploit Zero-Day in cnPilot Routers

Hackers are exploiting a zero-day vulnerability in Cambium Networks' cnPilot routers to deploy the AIRASHI botnet, enabling large-scale DDoS attacks. The botnet, an evolution of AISURU, utilizes advanced encryption and multiple attack vectors, including weak passwords and known exploits. Security experts recommend updating firmware, changing default credentials, and disabling unnecessary remote access to mitigate risks.

Unsecured Tunneling Protocols Expose 4.2 Million Hosts

Recent research reveals that over 4.2 million internet hosts, including VPNs and routers, are vulnerable due to insecure tunneling protocols. Attackers can exploit these weaknesses to launch DoS attacks, infiltrate networks, and anonymize malicious activities. Organizations must implement IPsec, traffic filtering, and restrict tunneling access to prevent exploitation and safeguard critical infrastructure.

Ransomware Exploits Amazon S3 Encryption to Lock Data

A new ransomware attack is targeting Amazon S3 buckets, exploiting AWS's Server-Side Encryption with Customer Provided Keys (SSE-C). Attackers encrypt stored data using their own keys, making recovery impossible without payment. Organizations must secure AWS credentials, enforce least privilege access, and monitor suspicious activity to prevent unauthorized encryption and protect critical cloud data.

FTC Mandates Security Overhaul for GoDaddy Following Data Breaches

The FTC has ordered GoDaddy to overhaul its cybersecurity practices following multiple data breaches that exposed millions of users' sensitive information. Allegations include lax security, misleading claims about data protection, and failure to prevent unauthorized access. The settlement mandates stronger security measures, independent audits, and a commitment to transparency in safeguarding customer data.

Critical Vulnerabilities Discovered in Rsync File Synchronization Tool

Security researchers have discovered six critical vulnerabilities in Rsync, the widely used file synchronization tool. These flaws, including a heap buffer overflow and information leak, could allow remote code execution and unauthorized data access. Over 660,000 exposed Rsync servers are at risk. Admins are urged to update to version 3.4.0, restrict access, and monitor for unusual activity to mitigate threats.

Hackers Leak Configurations and VPN Credentials for 15,000 FortiGate Devices

Hackers have leaked configurations and VPN credentials for over 15,000 FortiGate devices, exposing organizations to potential breaches. The compromised data allows attackers to gain unauthorized access to corporate networks. Affected entities should immediately change VPN credentials, update device configurations, and apply security patches to mitigate risks. This incident highlights the critical need for regular security audits and proactive defense measures.

Hackers Exploit Google Search Ads to Hijack Google Ads Accounts

Cybercriminals are exploiting Google Search ads to hijack Google Ads accounts, tricking users into entering credentials on fake login pages. These phishing campaigns redirect victims to fraudulent sites mimicking Google Ads, stealing login details and gaining unauthorized access. Advertisers should avoid clicking sponsored results, use two-factor authentication (2FA), and monitor account activity to prevent fraud. Google is actively investigating the issue.

WP3.XYZ Malware Campaign Compromises Over 5,000 WordPress Sites

A recent malware campaign leveraging the domain wp3.xyz has compromised over 5,000 WordPress sites, adding rogue admin accounts, installing malicious plugins, and exfiltrating sensitive data. Attackers create unauthorized wpx_admin users, granting full access to infected sites. Website owners are urged to audit admin accounts, remove suspicious plugins, block wp3.xyz, and enable multi-factor authentication (MFA) to mitigate risks.

Mortgage Investors Group Reports Data Breach

Mortgage Investors Group (MIG) has reported a data breach affecting its systems, potentially exposing personal information. Discovered on December 12, 2024, the breach prompted an investigation, revealing unauthorized access to sensitive data. MIG is notifying affected individuals and offering credit monitoring services. The company has enhanced security measures and advises vigilance in monitoring financial accounts to mitigate risks from the incident.

Adobe Product Security Updates - January 2025

Adobe released critical security updates in January 2025, addressing vulnerabilities in products like Photoshop, Illustrator for iPad, Substance 3D Stager, Animate, and Substance 3D Designer. These updates mitigate risks of arbitrary code execution and enhance software security. Users are strongly encouraged to update their software to the latest versions to ensure protection and maintain system integrity.

Biden Signs Executive Order to Accelerate AI Infrastructure Development

President Joe Biden signed an executive order to expedite AI infrastructure development, leasing federal land for gigawatt-scale data centers powered by clean energy. The initiative aims to enhance U.S. AI leadership, bolster national security, and streamline permitting processes. Companies must fund the projects and use sustainable power. This step aligns with private sector investments, ensuring innovation while addressing environmental concerns.

Microsoft's January 2025 Patch Tuesday: Key Updates and Security Enhancements

Microsoft's January 2025 Patch Tuesday updates address critical security vulnerabilities in Windows 10 and Windows 11. The Windows 11 update (KB5050009) advances the system to Build 26100.2894, focusing on security fixes and minor enhancements. Windows 10 received similar security improvements. Users and administrators are urged to apply these updates promptly to protect systems from potential threats.

BeyondTrust's CVE-2024-12686: Command Injection Vulnerability in Remote Access Solutions

BeyondTrust's CVE-2024-12686 is a critical command injection vulnerability affecting Privileged Remote Access and Remote Support versions 24.3.1 and earlier. Exploitable by authenticated users with admin privileges, it allows arbitrary OS command execution. Patches are available for supported versions, and CISA has warned of active exploitation, urging immediate updates to mitigate risks.

New Smishing Campaign Targets iMessage Users by Exploiting Apple's Phishing Protections

A new smishing campaign targets iMessage users by exploiting Apple’s phishing protections. Attackers send deceptive messages prompting users to respond, which reactivates disabled links from unknown senders. This exposes users to phishing sites and potential data theft. To stay safe, avoid responding to unknown senders, keep iMessage protections enabled, and report suspicious messages. Vigilance and proper security practices are key to mitigating this threat.

Vulnerability in Google's OAuth Workflow Poses Security Risks

A critical vulnerability in Google’s OAuth authentication allows users to create unmanaged Google accounts linked to corporate email domains. This exploit enables former employees or attackers to maintain unauthorized access to third-party apps like Slack and Zoom, even after leaving an organization. By leveraging email aliases, these accounts bypass corporate controls, posing significant security risks.

Recent macOS Vulnerability Allows Bypass of System Integrity Protection

Apple recently patched a critical macOS vulnerability (CVE-2024-44243) that allowed attackers with root access to bypass System Integrity Protection (SIP), enabling the installation of malicious kernel drivers and unauthorized access to private data. Discovered by Microsoft's security team, this flaw highlights the importance of timely updates. Users are urged to upgrade to macOS Sequoia 15.2 or later to protect against potential exploits.

PowerSchool Data Breach Exposes Sensitive Information of Students and Educators

PowerSchool, a leading K-12 edtech provider, suffered a data breach exposing sensitive information of students and staff, including Social Security numbers, medical records, and academic grades. Hackers accessed the system via compromised credentials. While PowerSchool paid a ransom and claimed data deletion, concerns persist about misuse. Schools are urged to enhance cybersecurity measures to prevent future breaches.

Gravy Analytics Data Breach Exposes Unwitting Location Tracking via Popular Apps

Gravy Analytics faced a major data breach, revealing how it covertly collected user location data from popular apps like Candy Crush, Tinder, and Muslim Pro. Using real-time bidding (RTB) in online ads, Gravy Analytics tracked users without their consent. This raises serious privacy concerns, as sensitive locations like healthcare and religious sites were exposed. The FTC has since banned the sale of such data, urging stricter regulations to protect users.

PhishWP Plugin: A New Threat to WordPress Security

PhishWP, a malicious WordPress plugin, allows attackers to turn legitimate sites into phishing traps, mimicking payment gateways like Stripe to steal sensitive data. It captures credit card details and 3D Secure OTPs, enabling fraudulent transactions. As WordPress vulnerabilities rise, site owners must adopt robust security measures like updates, strong passwords, and malware scans to combat evolving threats in 2025.

Ivanti Releases Critical Security Updates for Connect Secure Appliances

Ivanti has released critical security updates for Connect Secure appliances to address CVE-2025-0282, a zero-day vulnerability actively exploited for remote code execution. Administrators are urged to apply firmware version 22.7R2.5 immediately. Additional updates for Ivanti Policy Secure and Neurons for ZTA Gateways will follow. The move highlights the need for timely patching to safeguard against emerging threats.