CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The flaws are listed below –

CVE-2025-0108 (CVSS score: 7.8) – An authentication bypass vulnerability in the Palo Alto Networks PAN-OS

The Hacker News – ​Read More

North Korea’s Kimsuky Taps Trusted Platforms to Attack South Korea

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

darkreading – ​Read More

Xerox Printer Vulnerabilities Enable Credential Capture

Attackers are using patched bugs to potentially gain unfettered access to an organization’s Windows environment under certain conditions.

darkreading – ​Read More

$10 Infostealers Are Breaching Critical US Security: Military and Even the FBI Hit

A new report reveals how cheap Infostealer malware is exposing US military and defense data, putting national security at risk. Hackers exploit human error to gain access.

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – ​Read More

SANS Institute Launches AI Cybersecurity Hackathon

Post Content

darkreading – ​Read More

China-Linked Threat Group Targets Japanese Orgs’ Servers

Winnti once used a variety of malware but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.

darkreading – ​Read More

Thrive Acquires Secured Network Services

Post Content

darkreading – ​Read More

Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency, Microsoft says

In a report released on Monday, threat intelligence specialists at Microsoft said that they have discovered the new XCSSET strain in limited attacks. XCSSET, first spotted in the wild in August 2020, spreads by infecting Xcode projects, which developers use to create apps for Apple devices.

The Record from Recorded Future News – ​Read More

Microsoft: New Variant of macOS Threat XCSSET Spotted in the Wild

Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.

darkreading – ​Read More

Elon Musk just released an AI that’s smarter than ChatGPT — here’s why that matters

Credit: VentureBeat made with Midjourney


Elon Musk’s xAI launches Grok 3, outperforming ChatGPT and Google Gemini in benchmarks with 200,000 GPUs and advanced reasoning capabilities, intensifying AI competition days after failed OpenAI bid.Read More

Security News | VentureBeat – ​Read More