Tag: update
-
React2Shell is the Log4j moment for front end development
What to look for: In an attack tracked by S-RM, immediately after the threat actor gained access to a targeted company’s network, they ran a hidden PowerShell command, establishing command and control (C2) by downloading a Cobalt Strike PowerShell stager, a tactic regularly used by red teamers, and installing a beacon to allow them to…
-
The Agentic Era is Here: Announcing the 4th Edition of AI API Security For Dummies
If you look at the headlines, the story is about Artificial Intelligence. But if you look at the architecture, the story is about APIs. The reality of modern tech is simple: You can’t have AI security without API security. As we move rapidly from simple chatbots to autonomous agents, the way we secure our infrastructure…
-
React2Shell is the Log4j moment for front end development
What to look for: In an attack tracked by S-RM, immediately after the threat actor gained access to a targeted company’s network, they ran a hidden PowerShell command, establishing command and control (C2) by downloading a Cobalt Strike PowerShell stager, a tactic regularly used by red teamers, and installing a beacon to allow them to…
-
The Agentic Era is Here: Announcing the 4th Edition of AI API Security For Dummies
If you look at the headlines, the story is about Artificial Intelligence. But if you look at the architecture, the story is about APIs. The reality of modern tech is simple: You can’t have AI security without API security. As we move rapidly from simple chatbots to autonomous agents, the way we secure our infrastructure…
-
Windows 10 OOB update released to fix Message Queuing (MSMQ) issues
This month’s extended security update for Windows 11 broke Message Queuing (MSMQ), which is typically used by enterprises to manage background tasks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-10-oob-update-released-to-fix-message-queuing-msmq-issues/
-
The Agentic Era is Here: Announcing the 4th Edition of AI API Security For Dummies
If you look at the headlines, the story is about Artificial Intelligence. But if you look at the architecture, the story is about APIs. The reality of modern tech is simple: You can’t have AI security without API security. As we move rapidly from simple chatbots to autonomous agents, the way we secure our infrastructure…
-
Cisco customers hit by fresh wave of zero-day attacks from China-linked APT
Cisco has yet to release a patch for the actively exploited vulnerability, and attacks have been underway since at least late November. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-zero-day-attacks-china-apt/
-
Actively Exploited ASUS Vulnerability Added to CISA’s KEV List
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, infrastructure, kev, malicious, software, supply-chain, update, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical ASUS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. CVE-2025-59374 affects ASUS Live Update software and stems from a sophisticated supply chain compromise that embedded malicious code into legitimate software distributions. Supply Chain Attack Details The vulnerability involves…
-
Microsoft bestätigt: Windows-Update macht Remote-App-Verbindungen kaputt
Einige Windows-Nutzer können seit Tagen keine Apps mehr von Azure Virtual Desktop streamen. Ein Fix ist in Arbeit. Aktuell helfen nur Workarounds. First seen on golem.de Jump to article: www.golem.de/news/microsoft-bestaetigt-windows-update-macht-remote-app-verbindungen-kaputt-2512-203402.html
-
Cisco confirms zero-day exploitation of Secure Email products
Rebuild guidance and operational tradeoffs: Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.”From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is…
-
Cisco confirms zero-day exploitation of Secure Email products
Rebuild guidance and operational tradeoffs: Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.”From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is…
-
Microsoft December Update Breaks Critical IIS Servers
The security updates delivered through KB5071546 have fundamentally broken Message Queuing (MSMQ) functionality across multiple Windows versions. The post Microsoft December Update Breaks Critical IIS Servers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-critical-iis-servers/
-
Backdoors eingeschleust: Chinesische Hacker kapern seit Wochen Cisco-Systeme
Angreifer aus China schleusen über eine Zero-Day-Lücke in Cisco AsyncOS Malware auf anfällige Appliances. Ein Patch ist noch nicht in Sicht. First seen on golem.de Jump to article: www.golem.de/news/ungepatchte-sicherheitsluecke-cisco-systeme-werden-seit-wochen-attackiert-2512-203379.html
-
Recent Windows updates break RemoteApp connections
Microsoft has confirmed that recent Windows updates trigger RemoteApp connection failures on Windows 11 24H2/25H2 and Windows Server 2025 devices in Azure Virtual Desktop environments. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-recent-updates-break-azure-virtual-desktop-remoteapp-sessions/
-
Ungepatchte Sicherheitslücke: Chinesische Hacker kapern seit Wochen Cisco-Systeme
Angreifer aus China schleusen über eine Zero-Day-Lücke in Cisco AsyncOS Malware auf anfällige Appliances. Ein Patch ist noch nicht in Sicht. First seen on golem.de Jump to article: www.golem.de/news/ungepatchte-sicherheitsluecke-cisco-systeme-werden-seit-wochen-attackiert-2512-203379.html
-
Ungepatchte Sicherheitslücke: Cisco-Systeme werden seit Wochen attackiert
Angreifer aus China schleusen über eine Zero-Day-Lücke in Cisco AsyncOS Malware auf anfällige Appliances. Ein Patch ist noch nicht in Sicht. First seen on golem.de Jump to article: www.golem.de/news/ungepatchte-sicherheitsluecke-cisco-systeme-werden-seit-wochen-attackiert-2512-203379.html
-
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, malicious, supply-chain, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2025-59374 (CVSS score: 9.3), has been described as an “embedded malicious code vulnerability” introduced by means of a supply chain compromise First…
-
Microsoft warns MSMQ may fail after update, breaking apps
MSMQ becoming inactive;Internet Information Services (IIS) sites failing with “Insufficient resources to perform operation” errors;applications unable to write to queues;errors such as “The message file ‘C:\Windows\System32\msmq\storage*.mq’ cannot be created” when creating message files;misleading log entries such as “There is insufficient disk space or memory”, despite sufficient disk space and memory being available.Affected are servers running…
-
Attacks pummeling Cisco AsyncOS 0-day since late November
No timeline for a patch First seen on theregister.com Jump to article: www.theregister.com/2025/12/17/attacks_pummeling_cisco_0day/
-
Microsoft security update breaks MSMQ on older Win systems
Folder permission changes cause queue failures and misleading error messages, no real fix yet First seen on theregister.com Jump to article: www.theregister.com/2025/12/17/microsoft_admits_that_message_queuing/
-
Microsoft to Block Exchange Online Access from Outdated Devices
Microsoft has announced a significant update to its device connectivity policies for Exchange Online, aimed at enhancing security and ensuring users are on modern protocols. Starting March 1, 2026, mobile devices running Exchange ActiveSync (EAS) versions older than 16.1 will no longer be able to connect to Exchange Online mailboxes. Exchange ActiveSync version 16.1 was originally…
-
SonicWall warns of actively exploited flaw in SMA 100 AMC
SonicWall warned users to patch a SMA1000 AMC flaw that was exploited as a zero-day privilege escalation vulnerability in attacks. SonicWall urged customers to address a vulnerability, tracked as CVE-2025-40602, in the SMA1000 Appliance Management Console that was exploited as a zero-day in attacks in the wild. The flaw is a local privilege escalation issue…
-
SonicWall warns of actively exploited flaw in SMA 100 AMC
SonicWall warned users to patch a SMA1000 AMC flaw that was exploited as a zero-day privilege escalation vulnerability in attacks. SonicWall urged customers to address a vulnerability, tracked as CVE-2025-40602, in the SMA1000 Appliance Management Console that was exploited as a zero-day in attacks in the wild. The flaw is a local privilege escalation issue…
-
Nagios XI 2026R1.1 Released to Patch Privilege Escalation Vulnerability
Nagios has released version 2026R1.1 to address a critical privilege escalation vulnerability affecting earlier versions of its monitoring platform. The flaw, tracked as CVE-2025-34288, poses a significant risk to enterprise infrastructure by enabling local attackers to execute arbitrary code with root privileges. Vulnerability Details The vulnerability stems from an unsafe interaction between sudo permissions and…
-
Sonicwall warns of new SMA1000 zero-day exploited in attacks
SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-warns-of-new-sma1000-zero-day-exploited-in-attacks/
-
Microsoft security updates breaks MSMQ on older Win systems
Folder permission changes cause queue failures and misleading error messages, no real fix yet First seen on theregister.com Jump to article: www.theregister.com/2025/12/17/microsoft_admits_that_message_queuing/
-
JumpCloud agent turns uninstall into a system shortcut
Full privilege escalation and denial of service: The vulnerability opens two primary exploitation vectors with significant operational impact: full privilege escalation to system level, and denial of service (DoS).By manipulating filesystem paths and leveraging race conditions, an attacker can redirect the uninstaller’s operations to delete or overwrite protected installer configuration targets, ultimately triggering techniques that…
-
JumpCloud agent turns uninstall into a system shortcut
Full privilege escalation and denial of service: The vulnerability opens two primary exploitation vectors with significant operational impact: full privilege escalation to system level, and denial of service (DoS).By manipulating filesystem paths and leveraging race conditions, an attacker can redirect the uninstaller’s operations to delete or overwrite protected installer configuration targets, ultimately triggering techniques that…
-
JumpCloud agent turns uninstall into a system shortcut
Full privilege escalation and denial of service: The vulnerability opens two primary exploitation vectors with significant operational impact: full privilege escalation to system level, and denial of service (DoS).By manipulating filesystem paths and leveraging race conditions, an attacker can redirect the uninstaller’s operations to delete or overwrite protected installer configuration targets, ultimately triggering techniques that…
-
Windows 11 25H2: Administrator Protection-Schwachstelle CVE-2025-60718 ungefixt?
Die neu in Windows 11 ab 25H2 eingeführte Funktion “Administrator Protection” hatte eine Elevation of Privilege-Schwachstelle CVE-2025-60718, die angeblich zum 11. November 2025 geschlossen wurde. Nun gibt es den Hinweis, dass dieser Patch unvollständig ist und die EoP-Schwachstelle weiterhin ausgenutzt … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/17/windows-11-24h2-25h2-administrator-protection-schwachstelle-cve-2025-60718-ungefixt/