Hacking Archives - Page 12 of 964

Pierluigi Paganini June 30, 2025

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler vulnerability, tracked as CVE-2025-6543, to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-6543 (CVSS score of 9.2) is a memory overflow vulnerability in NetScaler ADC and NetScaler Gateway when configured […]

Pierluigi Paganini June 28, 2025

The FBI warns that Scattered Spider is now targeting the airline sector

The FBI warns that Scattered Spider is now targeting the airline sector. Feds are working with aviation partners to combat the threat and assist affected victims. The FBI reports that the cybercrime group Scattered Spider is now targeting the airline sector. The cybercriminals are using social engineering techniques to gain access to target organizations by […]

Pierluigi Paganini June 27, 2025

Taking over millions of developers exploiting an Open VSX Registry flaw

A critical flaw in Open VSX Registry could let attackers hijack the VS Code extension hub, exposing millions of developers to supply chain attacks. Cybersecurity researchers at Koi Security discovered a critical vulnerability in the Open VSX Registry (open-vsx.org) that could have let attackers take over the Visual Studio Code extensions marketplace, endangering millions of […]

Pierluigi Paganini June 27, 2025

OneClik APT campaign targets energy sector with stealthy backdoors

A OneClik campaign, likely carried out by China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors. Trellix cybersecurity researchers uncovered a new APT malware campaign, OneClik, targeting the energy, oil, and gas sectors. It abuses Microsoft’s ClickOnce deployment tech and custom Golang backdoors. While links to China-affiliated actors are suspected, attribution remains cautious. […]

Pierluigi Paganini June 27, 2025

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Iran-linked group APT42 (aka Educated Manticore, Charming Kitten, and Mint Sandstorm) is targeting Israeli journalists, cybersecurity experts, and academics with phishing attacks, posing as security professionals to steal email credentials and 2FA codes, according to Check Point. […]

Pierluigi Paganini June 26, 2025

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these […]

Pierluigi Paganini June 26, 2025

CitrixBleed 2: The nightmare that echoes the ‘CitrixBleed’ flaw in Citrix NetScaler devices

New Citrix flaw ‘CitrixBleed 2’ lets attackers steal session cookies without logging in, echoing a previously exploited vulnerability. A new flaw in Citrix NetScaler ADC and Gateway, dubbed ‘CitrixBleed 2‘ (CVE-2025-5777, CVSS v4.0 Base Score of 9.3), can allow unauthenticated attackers to steal session cookies, similar to a past critical exploit. The vulnerability is an […]

Pierluigi Paganini June 25, 2025

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Hackers spread a trojanized version of SonicWall VPN app to steal login credentials from users accessing corporate networks. Unknown threat actors are distributing a trojanized version of SonicWall NetExtender SSL VPN app to steal user credentials. The legitimate NetExtender app lets remote users securely access and use company network resources as if they were on-site. […]

Pierluigi Paganini June 25, 2025

Disrupting the operations of cryptocurrency mining botnets

Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets. Akamai Researchers uncovered two novel techniques to disrupt cryptocurrency mining botnets by exploiting flaws in common mining topologies. Current methods to stop cryptocurrecy mining botnets are pool bans or infrastructure takedowns, however, both are slow and complex. Researchers developed two faster techniques exploiting […]

Pierluigi Paganini June 24, 2025

The U.S. House banned WhatsApp on government devices due to security concerns

The U.S. House banned WhatsApp on official devices over security concerns, citing risks flagged by the Chief Administrative Officer. The U.S. House has banned WhatsApp on government devices due to data security concerns. Similar restrictions apply to AI tools like ChatGPT, ByteDance apps, and Microsoft Copilot. “nuto has deemed WhatsApp a high-risk to users due […]

Hacking

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

The FBI warns that Scattered Spider is now targeting the airline sector

Taking over millions of developers exploiting an Open VSX Registry flaw

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

CitrixBleed 2: The nightmare that echoes the ‘CitrixBleed’ flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Disrupting the operations of cryptocurrency mining botnets

The U.S. House banned WhatsApp on government devices due to security concerns

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Auchan discloses data breach: data of hundreds of thousands of customers exposed

U.S. CISA adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog

Docker fixes critical Desktop flaw allowing container escapes

Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware

Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!