Pierluigi Paganini
April 06, 2025
Oracle confirms a cloud data breach, quietly informing customers while downplaying the impact of the security breach. Oracle confirms a data breach and started informing customers while downplaying the impact of the incident. A threat actor using the moniker ‘rose87168’ claimed to possess millions of data lines tied to over 140,000 Oracle Cloud tenants, including […]
Pierluigi Paganini
April 05, 2025
A now-patched flaw in Verizon ’s iOS Call Filter app exposed call records of millions. No abuse found. Only phone numbers and timestamps were at risk. A now-patched vulnerability in Verizon ’s iOS Call Filter app could have been exploited to harvest the call records of millions of Americans. Verizon’s Call Filter app allows users […]
Pierluigi Paganini
April 05, 2025
Port of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024. In August 2024, a cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport. The attack impacted websites and phone systems. According to The Seattle Times, the cyber […]
Pierluigi Paganini
April 02, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apache Tomcat path equivalence vulnerability, tracked as CVE-2025-24813, to its Known Exploited Vulnerabilities (KEV) catalog. The Apache Tomcat vulnerability CVE-2025-24813 was recently disclosed and is being actively exploited just 30 […]
Pierluigi Paganini
April 02, 2025
Hackers are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks. Researchers at the threat intelligence firm GreyNoise warn of hackers that are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks, warns threat intelligence firm GreyNoise. GreyNoise reports that over 24,000 unique IP addresses […]
Pierluigi Paganini
April 01, 2025
Attackers exploit CrushFTP CVE-2025-2825 flaw, enabling unauthenticated access to unpatched devices using public proof-of-concept code. Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825, in the CrushFTP file transfer software. Attackers are using exploits based on publicly available proof-of-concept exploit code. The vulnerability impacts CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0, it […]
Pierluigi Paganini
March 31, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Cisco disclosed two vulnerabilities in its Smart Licensing Utility: CVE-2024-20439, […]
Pierluigi Paganini
March 31, 2025
Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related […]
Pierluigi Paganini
March 31, 2025
Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Infoblox researchers discovered a new phishing-as-a-service (PhaaS) platform that generated multiple phishing kits, called Morphing Meerkat, using DNS mail exchange (MX) records to deliver fake login pages and targeting over 100 brands. Threat actors are exploiting DNS techniques […]
Pierluigi Paganini
March 27, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium Mojo sandbox escape vulnerability, tracked as CVE-2025-2783, to its Known Exploited Vulnerabilities (KEV) catalog. This week Google has released out-of-band fixes to address a high-severity security […]
