Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

/in

Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks.
According to QiAnXin XLab, the attacks have leveraged the security flaw since June 2024. Additional details about the shortcomings have been withheld to prevent further abuse.
Some

The Hacker News – ​Read More

Cyber Insights 2025: APIs – The Threat Continues

/in

APIs are easy to develop, simple to implement, and frequently attacked. They are  prime and lucrative targets for cybercriminals. 

The post Cyber Insights 2025: APIs – The Threat Continues appeared first on SecurityWeek.

SecurityWeek – ​Read More

Oracle Patches 200 Vulnerabilities With January 2025 CPU

/in

Oracle has released 318 new security patches to address roughly 200 unique CVEs as part of its January 2025 Critical Patch Update.

The post Oracle Patches 200 Vulnerabilities With January 2025 CPU appeared first on SecurityWeek.

SecurityWeek – ​Read More

Murdoc Botnet Ensnaring Avtech, Huawei Devices

/in

The Mirai-based Murdoc botnet has been actively targeting Avtech and Huawei devices for roughly half a year.

The post Murdoc Botnet Ensnaring Avtech, Huawei Devices appeared first on SecurityWeek.

SecurityWeek – ​Read More

Record-Breaking DDoS Attack Reached 5.6 Tbps

/in

Cloudflare saw a 53% increase in DDoS attack frequency last year, when it blocked a record-breaking 5.6 Tbps attack.

The post Record-Breaking DDoS Attack Reached 5.6 Tbps appeared first on SecurityWeek.

SecurityWeek – ​Read More

Researcher Says ABB Building Control Products Affected by 1,000 Vulnerabilities

/in

ABB has patched building control product vulnerabilities that can expose many facilities to remote attacks.

The post Researcher Says ABB Building Control Products Affected by 1,000 Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks

/in

As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Forward-thinking security teams are looking for security controls and strategies to address these risks, but they do not always know which risks to prioritize. In some cases, they might have

The Hacker News – ​Read More

President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison

/in

U.S. President Donald Trump on Tuesday granted a “full and unconditional pardon” to Ross Ulbricht, the creator of the infamous Silk Road drug marketplace, after spending 11 years behind bars.
“I just called the mother of Ross William Ulbricht to let her know that in honor of her and the Libertarian Movement, which supported me so strongly, it was my pleasure to have just signed a full and

The Hacker News – ​Read More

Trump Pardons Founder of Silk Road Website

/in

President Donald Trump has pardoned Ross Ulbricht, the founder of Silk Road, an underground website for selling drugs.

The post Trump Pardons Founder of Silk Road Website appeared first on SecurityWeek.

SecurityWeek – ​Read More

PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack

/in

A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET.
“The attackers replaced the legitimate installer with one that also deployed the group’s signature implant that we have named SlowStepper – a

The Hacker News – ​Read More