Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially target your last line of defense — your backup infrastructure. Before locking up your production environment, cybercriminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.
Asus Armoury Crate Vulnerability Leads to Full System Compromise
A high-severity authorization bypass vulnerability in Asus Armoury Crate provides attackers with low-level system privileges.
The post Asus Armoury Crate Vulnerability Leads to Full System Compromise appeared first on SecurityWeek.
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware.
“Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed
“Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed
Recent Langflow Vulnerability Exploited by Flodrix Botnet
A critical Langflow vulnerability tracked as CVE-2025-3248 has been exploited to ensnare devices in the Flodrix botnet.
The post Recent Langflow Vulnerability Exploited by Flodrix Botnet appeared first on SecurityWeek.
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when
The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when
Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement
Meta Platforms on Monday announced that it’s bringing advertising to WhatsApp, but emphasized that the ads are “built with privacy in mind.”
The ads are expected to be displayed on the Updates tab through its Stories-like Status feature, which allows ephemeral sharing of photos, videos, voice notes, and text for 24 hours. These efforts are “rolling out gradually,” per the company.
The media
The ads are expected to be displayed on the Updates tab through its Stories-like Status feature, which allows ephemeral sharing of photos, videos, voice notes, and text for 24 hours. These efforts are “rolling out gradually,” per the company.
The media
Hackers switch to targeting U.S. insurance companies
Threat intelligence researchers are warning of hackers breaching multiple U.S. companies in the insurance industry using all the tactics observed with Scattered Spider activity. […]
ASUS Armoury Crate bug lets attackers get Windows admin privileges
A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines. […]
U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network
The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea.
“For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems to evade U.S.
“For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems to evade U.S.
Washington Post’s email system hacked, journalists’ accounts compromised
Email accounts of several Washington Post journalists were compromised in a cyberattack believed to have been carried out by a foreign government. […]