Skip to content
Security News, Assessments & Alerts Page 282

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation

SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation

Jan 23, 2025Ravie LakshmananVulnerability / Network Security SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild… 

Read More »SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features

QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features

Jan 23, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot loader. “BackConnect is a common… 

Read More »QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

Jan 23, 2025Ravie LakshmananNetwork Security / Vulnerability Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances.… 

Read More »Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware

TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware

Jan 23, 2025Ravie LakshmananCloud Security / Cryptojacking Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks. “This actor… 

Read More »TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review

Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review

Jan 22, 2025Ravie LakshmananCybersecurity / National Security The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security (DHS). “In alignment with the Department of Homeland Security’s… 

Read More »Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks. According to QiAnXin XLab, the… 

Read More »Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet
President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison

President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison

Jan 22, 2025Ravie LakshmananDark Web / Cryptocurrency U.S. President Donald Trump on Tuesday granted a “full and unconditional pardon” to Ross Ulbricht, the creator of the infamous Silk Road drug marketplace, after spending 11 years… 

Read More »President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison