CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The flaws are listed below –

CVE-2025-0108 (CVSS score: 7.8) – An authentication bypass vulnerability in the Palo Alto Networks PAN-OS

The Hacker News – ​Read More

North Korea’s Kimsuky Taps Trusted Platforms to Attack South Korea

/in

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

darkreading – ​Read More

Xerox Printer Vulnerabilities Enable Credential Capture

/in

Attackers are using patched bugs to potentially gain unfettered access to an organization’s Windows environment under certain conditions.

darkreading – ​Read More

$10 Infostealers Are Breaching Critical US Security: Military and Even the FBI Hit

/in

A new report reveals how cheap Infostealer malware is exposing US military and defense data, putting national security at risk. Hackers exploit human error to gain access.

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – ​Read More

SANS Institute Launches AI Cybersecurity Hackathon

/in

Post Content

darkreading – ​Read More

China-Linked Threat Group Targets Japanese Orgs’ Servers

/in

Winnti once used a variety of malware but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.

darkreading – ​Read More

Thrive Acquires Secured Network Services

/in

Post Content

darkreading – ​Read More

Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency, Microsoft says

/in

In a report released on Monday, threat intelligence specialists at Microsoft said that they have discovered the new XCSSET strain in limited attacks. XCSSET, first spotted in the wild in August 2020, spreads by infecting Xcode projects, which developers use to create apps for Apple devices.

The Record from Recorded Future News – ​Read More

Microsoft: New Variant of macOS Threat XCSSET Spotted in the Wild

/in

Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.

darkreading – ​Read More

Elon Musk just released an AI that’s smarter than ChatGPT — here’s why that matters

/in

Credit: VentureBeat made with Midjourney

Elon Musk’s xAI launches Grok 3, outperforming ChatGPT and Google Gemini in benchmarks with 200,000 GPUs and advanced reasoning capabilities, intensifying AI competition days after failed OpenAI bid.Read More

Security News | VentureBeat – ​Read More