Multiple South Korean organizations across industries have been targeted in a recent Lazarus campaign dubbed Operation SyncHole.
The post South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days appeared first on SecurityWeek.
RSA Conference 2025 – Pre-Event Announcements Summary (Part 2)
Hundreds of companies are showcasing their products and services next week at the 2025 edition of the RSA Conference in San Francisco.
The post RSA Conference 2025 – Pre-Event Announcements Summary (Part 2) appeared first on SecurityWeek.
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers
Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution.
“The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue,” ReliaQuest said in a report published this week.
The cybersecurity
“The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue,” ReliaQuest said in a report published this week.
The cybersecurity
Why NHIs Are Security’s Most Dangerous Blind Spot
When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities (NHIs).
At the top of mind when NHIs are mentioned, most security teams immediately think of Service Accounts.
At the top of mind when NHIs are mentioned, most security teams immediately think of Service Accounts.
SAP Zero-Day Possibly Exploited by Initial Access Broker
A zero-day vulnerability in SAP NetWeaver potentially affects more than 10,000 internet-facing applications.
The post SAP Zero-Day Possibly Exploited by Initial Access Broker appeared first on SecurityWeek.
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide. […]
All Major Gen-AI Models Vulnerable to ‘Policy Puppetry’ Prompt Injection Attack
A new attack technique named Policy Puppetry can break the protections of major gen-AI models to produce harmful outputs.
The post All Major Gen-AI Models Vulnerable to ‘Policy Puppetry’ Prompt Injection Attack appeared first on SecurityWeek.
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions.
The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below –
The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below –
CVE-2025-27610 (CVSS score: 7.5) – A path traversal
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Cybersecurity researchers are warning about a new malware called DslogdRAT that’s installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS).
The malware, along with a web shell, were “installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024,” JPCERT/CC researcher Yuma
The malware, along with a web shell, were “installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024,” JPCERT/CC researcher Yuma
Microsoft announces fix for CPU spikes when typing in Outlook
Microsoft says it will soon fix a known issue causing CPU spikes when typing messages in recent versions of its classic Outlook email client. […]