Blog – Page 730 – Cyber Mike

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024.
“The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates,” Check Point said in a new analysis.
“More than 1,600 victims were affected during one of

Critical PHP RCE vulnerability mass exploited in new attacks

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. […]

The AI race: Dark AI is in the lead, but good AI is catching up

Cybercriminals are using AI for help in planning and conducting cyberattacks—but cybersecurity vendors are fighting back. Learn from Acronis Threat Research Unit about how AI-powered security solutions are closing the gap in the battle against AI-driven cyber threats. […]

PowerSchool previously hacked in August, months before data breach

PowerSchool has published a long-awaited CrowdStrike investigation into its massive December 2024 data breach, which determined that the company was previously hacked over 4 months earlier, in August, and then again in September. […]

New York Sues Insurance Giant Over Data Breaches

The New York Attorney General sued National General and its parent company Allstate over two data breaches.

The post New York Sues Insurance Giant Over Data Breaches appeared first on SecurityWeek.

CISA tags critical Ivanti EPM flaws as actively exploited in attacks

CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. […]

SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver

SAP released 21 new security notes and updated three security notes on March 2025 security patch day.

The post SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver appeared first on SecurityWeek.

Edimax Says No Patches Coming for Zero-Day Exploited by Botnets

Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago.

The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek.

Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices

Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.
“The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with

Sola Security Deposits Hefty $30M Seed Funding

The financing was provided by S Capital and investor Mike Moritz, S32, Glilot Capital Partners, and several angel investors.

The post Sola Security Deposits Hefty $30M Seed Funding appeared first on SecurityWeek.

Cyber News