infosecintel – Page 366 – Curated Information Security Articles and Threat Intelligence News

CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog

June 10, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP) SSH and Roundcube to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-32433 (CVSS score: 10.0) – ARead More »CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog

Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’

June 9, 2025

Foreign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses. The post Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’ appeared first on SecurityWeek.

Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign

June 9, 2025

Anti-malware vendor said it spent the past twelve months deflecting a stream of network reconnaissance probes from China-nexus threat actors The post Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign appeared first on SecurityWeek.

Harris-Walz Campaign Possibly Targeted in iPhone Cyberattack

June 9, 2025

A cybersecurity firm believes an iPhone hacking campaign occurred and targeted 5 high-profile Americans.

Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group

June 9, 2025

The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July 2024 and March 2025. “The victimology includes a South Asian government entity, a European media organization, and more than 70 organizations across a wide range of sectors,” SentinelOneRead More »Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group

Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks

June 9, 2025

A now-patched critical security flaw in the Wazur Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct distributed denial-of-service (DDoS) attacks. Akamai, which first discovered the exploitation efforts in late March 2025, said the malicious campaign targets CVE-2025-24016 (CVSS score:Read More »Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks

Guardz Banks $56M Series B for All-in-One SMB Security

June 9, 2025

The Israeli company said the Series B raise was led by ClearSky and included equity stakes for new backer Phoenix Financial. The post Guardz Banks $56M Series B for All-in-One SMB Security appeared first on SecurityWeek.

Mirai Botnets Exploiting Wazuh Security Platform Vulnerability

June 9, 2025

CVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets. The post Mirai Botnets Exploiting Wazuh Security Platform Vulnerability appeared first on SecurityWeek.

React Native Aria Packages Backdoored in Supply Chain Attack

June 9, 2025

A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack. The post React Native Aria Packages Backdoored in Supply Chain Attack appeared first on SecurityWeek.

Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems

June 9, 2025

Two malicious NPM packages contain code that would delete production systems when triggered with the right credentials. The post Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems appeared first on SecurityWeek.

« Previous
1
…
364
365
366
367
368
…
438
Next »