SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is…
Month: January 2025
Russian ISP confirms Ukrainian hackers “destroyed” its network
Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announced on Tuesday they had breached Russian internet service provider Nodex’s network and wiped hacked systems…
Quantum computing stocks take a hit as Nvidia CEO predicts long road ahead – Hardware
Quantum computing stocks sank after Nvidia CEO Jensen Huang said the technology’s practical use was likely two decades away. The long wait outlined by Huang…
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says…
Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)
Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by…
In a first, EU Court fines EU for breaching own data protection law – Strategy
In a first, the EU General Court ruled that the European Commission must pay damages to a German citizen for failing to comply with its…
Gayfemboy Botnet targets Four-Faith router vulnerability
Gayfemboy Botnet targets Four-Faith router vulnerability Pierluigi Paganini January 08, 2025 Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers…
Unpatched critical flaws impact Fancy Product Designer WordPress plugin
Premium WordPress plugin Fancy Product Designer from Radykal is vulnerable to two critical severity flaws that remain unfixed in the current latest version. With more…
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the…
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. KerioControl…
Medical billing firm Medusind discloses breach affecting 360,000 people
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health…
US Cyber Trust Mark logo for smart devices is coming
The White House announced the launch of the US Cyber Trust Mark which aims to help buyers make an informed choice about the purchase of…