Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.
The post Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies appeared first on SecurityWeek.
MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan
Japan’s National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019.
The primary objective of the attack campaign is to steal information related to Japan’s national
The primary objective of the attack campaign is to steal information related to Japan’s national
Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions
Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection.The result? A 10.3% surge in encrypted attacks over the past year and some of the most shocking ransom payouts in history, including a $75 million ransom in 2024.
Are you prepared to fight back?
Join
Are you prepared to fight back?
Join
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE).
The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could then
The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could then
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024.
The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2
The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2
Unpatched critical flaws impact Fancy Product Designer WordPress plugin
Premium WordPress plugin Fancy Product Designer from Radykal is vulnerable to two critical severity flaws that remain unfixed in the current latest version. […]
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. […]
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
Ivanti confirms zero-day exploitation of a remotely exploitable code execution flaw in its Connect Security product line.
The post Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product appeared first on SecurityWeek.
Russian ISP confirms Ukrainian hackers “destroyed” its network
Russian internet service provider Nodex confirmed on Tuesday that its network was “destroyed” in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance […]
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.” […]