Tag: exploit
-
New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
Tags: advisory, automation, credentials, cyber, exploit, flaw, network, rce, remote-code-execution, risk, vulnerabilityThe Jenkins project released a critical security advisory addressing multiple vulnerabilities in its core automation server and the LoadNinja plugin. These flaws expose continuous integration and continuous deployment (CI/CD) environments to severe risks, including arbitrary file creation, credential exposure, and remote code execution (RCE). Because Jenkins controllers often hold elevated privileges across enterprise networks, administrators…
-
Neue Exploit-Kette ‘DarkSword” aufgedeckt – Hacker können mit nur einem Klick in iPhones eindringen
First seen on security-insider.de Jump to article: www.security-insider.de/darksword-1-klick-exploit-kompromittiert-iphones-a-01060b63a59bcff5e396d353bafec45d/
-
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword.These attacks employ malicious web content to target out-of-date versions of iOS, triggering an infection chain that leads to the theft of sensitive data.”For…
-
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword.These attacks employ malicious web content to target out-of-date versions of iOS, triggering an infection chain that leads to the theft of sensitive data.”For…
-
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 35 vulnerable drivers.EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize security…
-
Cybercriminals are Winning with AI
AI has become the most powerful tool for financial fraud since the dawn of the Internet. As predicted, criminals are exploiting it faster, more effectively, and at scale. According to the latest Interpol Global Financial Fraud Report, AI-enhanced fraud is now 4.5 times more profitable than traditional schemes. That’s a significant shift and we’re still…
-
That cheap KVM device could expose your network to remote compromise
Stealthy backdoors: A compromised KVM device can become a powerful backdoor in any environment. An attacker can inject keystrokes to execute commands or access UEFI settings to disable security features such as disk encryption and Secure Boot.Because the device operates outside the controlled system’s OS, endpoint detection tools and host firewalls cannot see it. These…
-
Breach Roundup: Fancy Bear in Schmancy OpSec Failure
Also, Telus Breach, Microsoft Hotpatching, Interpol Malicious IP Takedown. This week, Russian hacker OpSec failure, Interpol helped disrupt 45,000 malicious IPs, the FBI is looking for an ATM jackpotting suspect and Telus disclosed a breach. Windows hotpatching, an FTP exploit, a foiled attack on a nuclear research center and China-linked espionage. First seen on govinfosecurity.com…
-
Breach Roundup: Fancy Bear in Schmancy OpSec Failure
Also, Telus Breach, Microsoft Hotpatching, Interpol Malicious IP Takedown. This week, Russian hacker OpSec failure, Interpol helped disrupt 45,000 malicious IPs, the FBI is looking for an ATM jackpotting suspect and Telus disclosed a breach. Windows hotpatching, an FTP exploit, a foiled attack on a nuclear research center and China-linked espionage. First seen on govinfosecurity.com…
-
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
Tags: attack, cisco, cve, defense, exploit, firewall, government, group, healthcare, infrastructure, malicious, malware, ransom, ransomware, service, software, tool, update, vulnerability, zero-dayCSO that the “week’s head start” he referred to was the gap between the date of the first exploit that Amazon’s later analysis had unearthed and Cisco’s discovery of the bug.Amazon gained insight into the attacker’s infrastructure by using the honeypot to mimic a vulnerable firewall system. This resulted in an attack on the honeypot,…
-
Unknown attackers exploit yet another critical SharePoint bug
Last time: Beijing-backed snoops and ransomware crims. Who’s next? First seen on theregister.com Jump to article: www.theregister.com/2026/03/19/unknown_attackers_exploit_yet_another/
-
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 34 vulnerable drivers.EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize security…
-
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
Tags: cisa, cisco, cloud, control, cve, cybersecurity, exploit, firewall, flaw, infrastructure, kev, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, tracked as CVE-2026-20131 (CVSS score…
-
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
Tags: cisa, cisco, cloud, control, cve, cybersecurity, exploit, firewall, flaw, infrastructure, kev, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, tracked as CVE-2026-20131 (CVSS score…
-
Ransomware crims abused Cisco 0-day weeks before disclosure, says Amazon security boss
Interlock’s post-exploit toolkit exposed First seen on theregister.com Jump to article: www.theregister.com/2026/03/18/amazon_cisco_firewall_0_day_ransomware/
-
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
Tags: cisa, cisco, cloud, control, cve, cybersecurity, exploit, firewall, flaw, infrastructure, kev, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, tracked as CVE-2026-20131 (CVSS score…
-
Bolster your defenses and close the codecloud gap with Tenable and OX
Tags: access, ai, application-security, attack, business, ciso, cloud, container, control, data, data-breach, defense, detection, endpoint, exploit, framework, identity, infrastructure, intelligence, Internet, risk, service, software, strategy, technology, threat, tool, training, vulnerabilityToday, cloud security teams face fragmented visibility and the challenge of prioritizing risks while identifying fix owners. A new joint solution from Tenable and OX helps you close the code-to-cloud gap from development through runtime. By combining CNAPP with deep AppSec, this integration is designed to eliminate visibility gaps and accelerate remediation. Key takeaways Bridge…
-
Ransomware Affiliate Exposes Details of ‘The Gentlemen’ Operation
Hastalamuerte leaks The Gentlemen RaaS ops: FortiGate exploits, BYOVD evasion, Qilin split tactics First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-affiliate-gentlemen/
-
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376
Russian APT exploits a critical XSS flaw in Zimbra, tracked as CVE-2025-66376, running scripts via HTML emails to target users in Ukraine. Russia-linked threat actor exploits a high-severity XSS vulnerability, tracked as CVE-2025-66376 (CVSS score of 7.2), in Zimbra Collaboration. Attackers exploited insufficiently sanitized HTML emails to run scripts when opened, targeting users in Ukraine.…
-
New Apple Hack: Up to 270M iPhones Vulnerable to ‘DarkSword’ Exploit
Researchers uncover “DarkSword,” a powerful iPhone exploit targeting millions via compromised websites. Learn how it works and how to protect your device. The post New Apple Hack: Up to 270M iPhones Vulnerable to ‘DarkSword’ Exploit appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-darksword-iphone-exploit-ios-vulnerability/
-
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
Tags: attack, exploit, flaw, government, hacker, intelligence, military, russia, service, ukraine, vulnerabilityHackers part of APT28, a state-backed threat group linked to Russia’s military intelligence service (GRU), are exploiting a Zimbra Collaboration Suite (ZCS) vulnerability in attacks targeting Ukrainian government entities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-apt28-military-hackers-exploit-zimbra-flaw-in-ukrainian-govt-attacks/
-
Interlock ransomware gang exploited Cisco firewall zero-day weeks before disclosure: Amazon
The Interlock ransomware gang recently exploited a zero-day vulnerability in a popular line of Cisco firewalls before the bug was disclosed publicly, according to an Amazon report. First seen on therecord.media Jump to article: therecord.media/cisco-ransomware-interlock-firewalls
-
DarkSword emerges as powerful iOS exploit tool in global attacks
DarkSword, a new iOS exploit kit, is used by multiple actors to steal data in campaigns targeting Saudi Arabia, Turkey, Malaysia, and Ukraine. Lookout Threat Labs discovered a new iOS exploit kit called DarkSword that has been used since late 2025 by multiple threat actors, including surveillance vendors and likely nation-state actors. The toolkit enables…
-
DarkSword: Researchers uncover another iOS exploit kit
A powerful iPhone hacking toolkit dubbed >>DarkSword<< has been used since November 2025 to compromise devices by exploiting zero-day iOS vulnerabilities, Google … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/19/darksword-ios-exploit-iphone/
-
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
ThreatsDay Bulletin is back on The Hacker News, and this week feels off in a familiar way. Nothing loud, nothing breaking everything at once. Just a lot of small things that shouldn’t work anymore but still do.Some of it looks simple, almost sloppy, until you see how well it lands. Other bits feel a little…
-
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
ThreatsDay Bulletin is back on The Hacker News, and this week feels off in a familiar way. Nothing loud, nothing breaking everything at once. Just a lot of small things that shouldn’t work anymore but still do.Some of it looks simple, almost sloppy, until you see how well it lands. Other bits feel a little…
-
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
The Russian state-backed hacker group APT28 targeted a Ukrainian government agency by exploiting a vulnerability in Zimbra webmail software. First seen on therecord.media Jump to article: therecord.media/russia-hackers-ukraine-zimbra-breach
-
Claude Vulnerabilities Allow Data Exfiltration and Malicious Redirect Attacks
Security researchers recently uncovered a critical attack chain within Anthropic’s Claude.ai platform. Dubbed >>Claudy Day,<< this vulnerability sequence allows attackers to silently extract sensitive user data through prompt manipulation and malicious redirects. The exploit requires no external integrations or specialized tools, functioning entirely within a default Claude session. Anthropic has patched the prompt injection flaw…