Recent investigations have linked a malicious web shell deployed on Windows systems to a possible Chinese cyber threat group, following the exploitation of an undisclosed zero-day vulnerability in SolarWinds’ Orion network monitoring software. The cybersecurity firm Secureworks reported that this breach involved a web shell referred to as Supernova, which…
Cybersecurity Alert: Vulnerabilities Found in D-Link NAS Devices Open Doors to Exploitation Recent findings reveal that threat actors are actively exploiting security weaknesses affecting approximately 92,000 D-Link network-attached storage (NAS) devices exposed to the internet. The vulnerabilities, identified as CVE-2024-3272 and CVE-2024-3273, are categorized with high CVSS scores of 9.8…
In April 2024, Microsoft announced a critical security update addressing an unprecedented 149 vulnerabilities, with two of these flaws identified as actively exploited threats. This latest update categorizes three of the vulnerabilities as Critical, 142 as Important, three as Moderate, and one as Low in severity. Additionally, the update follows…
Palo Alto Networks has disclosed a significant security vulnerability affecting PAN-OS that is currently under active exploitation by cybercriminals. This flaw, designated as CVE-2024-3400 with a CVSS score of 10.0, is characterized as “intricate,” arising from the combination of two distinct bugs present in PAN-OS versions 10.2, 11.0, and 11.1.…
Government, Industry Specific, Network Firewalls, Network Access Control CISA Discovers Agencies Misled About Cisco Patch Updates Chris Riotta (@chrisriotta) • November 13, 2025 Image: PJ McDonnell/Shutterstock The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms regarding critical vulnerabilities in Cisco devices, indicating that U.S. government agencies have inadequately addressed…
A set of serious security vulnerabilities has emerged in the OpenPrinting Common Unix Printing System (CUPS), potentially allowing for remote command execution on Linux systems under specific circumstances. Security researcher Simone Margaritelli detailed that an unauthenticated remote attacker could exploit these vulnerabilities to alter or install printer IPP URLs, which…
Microsoft has announced the release of security updates addressing 118 vulnerabilities in its software suite, two of which have been identified as actively exploited vulnerabilities in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…
Cyberwarfare / Nation-State Attacks, Endpoint Security, Fraud Management & Cybercrime Spyware Targets Samsung Galaxy Devices, Reports Unit 42 Greg Sirico • November 7, 2025 Samsung Galaxy models targeted by the malware include the Galaxy S23 Series, Galaxy S24 Series, Galaxy S22, Galaxy Z Flip4, and Galaxy Z Fold4, as depicted.…
On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical security vulnerability affecting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog. This action was taken in light of evidence indicating ongoing exploitation of this flaw. Identified as CVE-2024-23113, this vulnerability has a CVSS…
