BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware
/in General NewsMicrosoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number of targets.
“The targets include organizations in the information technology (IT) and real estate sectors of the United States, the financial sector in Venezuela, a Spanish software company, and the retail sector in
The Hacker News – Read More
Governments identify dozens of Android apps bundled with spyware
/in General NewsThe advisories say the spyware apps are used to target members of civil society who may oppose China’s state interests.
Security News | TechCrunch – Read More
ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider
/in General NewsIndustrial giants Siemens, Rockwell, Schneider and ABB have released their March 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability
/in General NewsMicrosoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild.
Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in severity. Forty-nine of these vulnerabilities are classified as privilege escalation, 34 as remote code
The Hacker News – Read More
Grandoreiro Strikes Again: Geofenced Phishing Attacks Target LATAM
/in General NewsDisclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Patch Tuesday, April 2025 Edition
/in General NewsMicrosoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical” rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users.
The zero-day flaw already seeing exploitation is CVE-2025-29824, a local elevation of privilege bug in the Windows Common Log File System (CLFS) driver. Microsoft rates it as “important,” but as Chris Goettl from Ivanti points out, risk-based prioritization warrants treating it as critical.
This CLFS component of Windows is no stranger to Patch Tuesday: According to Tenable’s Satnam Narang, since 2022 Microsoft has patched 32 CLFS vulnerabilities — averaging 10 per year — with six of them exploited in the wild. The last CLFS zero-day was patched in December 2024.
Narang notes that while flaws allowing attackers to install arbitrary code are consistently top overall Patch Tuesday features, the data is reversed for zero-day exploitation.
“For the past two years, elevation of privilege flaws have led the pack and, so far in 2025, account for over half of all zero-days exploited,” Narang wrote.
Rapid7’s Adam Barnett warns that any Windows defenders responsible for an LDAP server — which means almost any organization with a non-trivial Microsoft footprint — should add patching for the critical flaw CVE-2025-26663 to their to-do list.
“With no privileges required, no need for user interaction, and code execution presumably in the context of the LDAP server itself, successful exploitation would be an attractive shortcut to any attacker,” Barnett said. “Anyone wondering if today is a re-run of December 2024 Patch Tuesday can take some small solace in the fact that the worst of the trio of LDAP critical RCEs published at the end of last year was likely easier to exploit than today’s example, since today’s CVE-2025-26663 requires that an attacker win a race condition. Despite that, Microsoft still expects that exploitation is more likely.”
Among the critical updates Microsoft patched this month are remote code execution flaws in Windows Remote Desktop services (RDP), including CVE-2025-26671, CVE-2025-27480 and CVE-2025-27482; only the latter two are rated “critical,” and Microsoft marked both of them as “Exploitation More Likely.”
Perhaps the most widespread vulnerabilities fixed this month were in web browsers. Google Chrome updated to fix 13 flaws this week, and Mozilla Firefox fixed eight bugs, with possibly more updates coming later this week for Microsoft Edge.
As it tends to do on Patch Tuesdays, Adobe has released 12 updates resolving 54 security holes across a range of products, including ColdFusion, Adobe Commerce, Experience Manager Forms, After Effects, Media Encoder, Bridge, Premiere Pro, Photoshop, Animate, AEM Screens, and FrameMaker.
Apple users may need to patch as well. On March 31, Apple released a huge security update (more than three gigabytes in size) to fix issues in a range of their products, including at least one zero-day flaw.
And in case you missed it, on March 31, 2025 Apple released a rather large batch of security updates for a wide range of their products, from macOS to the iOS operating systems on iPhones and iPads.
Earlier today, Microsoft included a note saying Windows 10 security updates weren’t available but would be released as soon as possible. It appears from browsing askwoody.com that this snafu has since been rectified. Either way, if you run into complications applying any of these updates please leave a note about it in the comments below, because the chances are good that someone else had the same problem.
As ever, please consider backing up your data and or devices prior to updating, which makes it far less complicated to undo a software update gone awry. For more granular details on today’s Patch Tuesday, check out the SANS Internet Storm Center’s roundup. Microsoft’s update guide for April 2025 is here.
For more details on Patch Tuesday, check out the write-ups from Action1 and Automox.
Krebs on Security – Read More
Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered
/in General NewsAdobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary file read and code execution.
Of the 30 flaws in the product, 11 are rated Critical in severity –
CVE-2025-24446 (CVSS score: 9.1) – An improper input validation vulnerability that could result in an
The Hacker News – Read More
NCSC shares technical details of spyware targeting Uyghur, Tibetan and Taiwanese groups
/in General NewsThe U.K.’s National Cyber Security Centre and international cybersecurity and intelligence agencies on Wednesday said hackers are deploying two forms of previously identified spyware to snoop on Uyghur, Tibetan and Taiwanese individuals and civil society organizations.
The Record from Recorded Future News – Read More
Microsoft Drops Another Massive Patch Update
/in General NewsA threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries.
darkreading – Read More
Medusa Ransomware Claims NASCAR Breach in Latest Attack
/in General NewsMedusa ransomware hits NASCAR, demands $4M ransom, leaks internal files. Group also claims Bridgebank, McFarland, and Pulse Urgent Care.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More