Vulnerabilities Patched in Qualcomm, Mediatek Chipsets
Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products.
The post Vulnerabilities Patched in Qualcomm, Mediatek Chipsets appeared first on SecurityWeek.
SecurityWeek – Read More
Google Patches Pair of Exploited Vulnerabilities in Android
Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild.
The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek.
SecurityWeek – Read More
New Chinese Zhong Stealer Infects Fintech via Customer Support
A new malware threat called Zhong Stealer has surfaced from China, and it’s already slipping into businesses through…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers
Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts.
The findings come from the Splunk Threat Research Team, which said the activity also led to the delivery of various binaries that facilitate data exfiltration as well as offer
The Hacker News – Read More
Exploitation Long Known for Most of CISA’s Latest KEV Additions
Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog.
The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek.
SecurityWeek – Read More
Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector
Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out “fewer than five” entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano.
The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October
The Hacker News – Read More
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows –
CVE-2023-20118 (CVSS score: 6.5) – A command injection
The Hacker News – Read More
Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild.
The two high-severity vulnerabilities are listed below –
CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access to “Android/data,” “Android/obb,”
The Hacker News – Read More
Mozilla Revises Firefox Terms of Use After Inflaming Users Over Data Usage
In response to users’ feedback about the Firefox Terms of Use, Mozilla updated some of the language about data usage. Mozilla also updated its Privacy FAQ.
Security | TechRepublic – Read More