brangberg – Page 559

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances.
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows –

CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user

Europol confirms $50,000 Qilin ransomware reward is fake

Europol has confirmed that a Telegram channel impersonating the agency and offering a $50,000 reward for information on two Qilin ransomware administrators is fake. The impostor later admitted it was created to troll researchers and journalists. […]

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3.
Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which is then

Telecom Firm Colt Confirms Data Breach as Ransomware Group Auctions Files

Colt Technology Services is working on restoring systems disrupted by a ransomware attack that involved data theft.

The post Telecom Firm Colt Confirms Data Breach as Ransomware Group Auctions Files appeared first on SecurityWeek.

Microsoft asks customers for feedback on SSD failure issues

Microsoft is seeking further information from customers who reported failure and data corruption issues affecting their solid-state drives (SSDs) and hard disk drives (HDDs) after installing the August 2025 security update. […]

Why Certified VMware Pros Are Driving the Future of IT

From hybrid cloud to AI, IT complexity and security risks are accelerating. Certified VMware pros bring clarity and resilience that keep teams ahead. See why CIOs are making certification a workforce strategy with VMUG. […]

Scattered Spider Hacker Sentenced to Prison

Noah Urban was sentenced to 10 years in prison for his role in the notorious cybercriminal operation known as Scattered Spider.

The post Scattered Spider Hacker Sentenced to Prison appeared first on SecurityWeek.

Password Managers Vulnerable to Data Theft via Clickjacking

A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks.

The post Password Managers Vulnerable to Data Theft via Clickjacking appeared first on SecurityWeek.

FBI warns of Russian hackers exploiting 7-year-old Cisco flaw

The Federal Bureau of Investigation (FBI) has warned that hackers linked to Russia’s Federal Security Service (FSB) are targeting critical infrastructure organizations in attacks exploiting a 7-year-old vulnerability in Cisco devices. […]

Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI

Russian state-sponsored hackers tracked as Static Tundra continue to target Cisco devices affected by CVE-2018-0171.

The post Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI appeared first on SecurityWeek.

Author: brangberg