Exploitation

Cisco ASA Firewall Zero-Day Exploits Deliver RayInitiator and LINE VIPER Malware

The U.K. National Cyber Security Centre (NCSC) and Cisco have confirmed active exploitation of recently disclosed vulnerabilities in Cisco ASA firewalls to deploy highly persistent and evasive malware families, called RayInitiator and LINE VIPER. The campaign, attributed to a cluster named ArcaneDoor and linked to UAT4356 (aka Storm-1849), targets ASA 5500-X Series appliances, and in […]

Sitecore Exploit Chain Links Cache Poisoning to RCE

New Vulnerabilities in Sitecore Experience Platform
Security researchers from watchTowr Labs have uncovered three critical vulnerabilities in the Sitecore Experience Platform. If exploited, these flaws could allow attackers to perform information disclosure and even achieve remote code execution (RCE) on targeted systems. The reported vulnerabilities include: Sitecore released patches for CVE-2025-53693 and CVE-2025-53691 in June

CISA Issues Warning on Citrix NetScaler Zero-Day RCE Exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an urgent advisory about a newly discovered zero-day flaw in Citrix NetScaler appliances. The issue, tracked as CVE-2025-7775, is a memory overflow vulnerability that enables remote code execution (RCE). Reports confirm that threat actors are already exploiting this weakness, which led to its immediate addition

CISA Alerts on Citrix RCE and Privilege Escalation Flaws Being Exploited

CISA has released a critical security advisory highlighting three recently discovered vulnerabilities that are actively targeted by attackers. On August 25, 2025, these high-risk Common Vulnerabilities and Exposures (CVEs) were added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog, signaling an urgent need for both government agencies and private organizations to act swiftly. Key Highlights Citrix

Critical Tableau Server Flaw Allows Attackers to Upload and Execute Malicious Files

A severe security flaw has been discovered in Tableau Server, which could allow attackers to upload and execute malicious files, leading to full system takeover. This vulnerability, tracked as CVE-2025-26496 with a CVSS score of 9.6, impacts several versions of Tableau Server and Tableau Desktop on both Windows and Linux platforms. Key Highlights Tableau Server

PoC Exploit and Technical Analysis Published for Apple Zero-Day RCE Vulnerability

A newly disclosed critical zero-click exploit (CVE-2025-43300) poses a serious threat to Apple devices. The flaw exists in Apple’s RawCamera.bundle, specifically within the JPEG Lossless Decompression implementation, and allows attackers to execute arbitrary code by sending maliciously crafted DNG (Digital Negative) files. What makes this vulnerability alarming is that no user interaction is required. Simply

Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial Configs

A Russian state-backed cyber espionage group known as Static Tundra has been exploiting a seven-year-old flaw in Cisco networking devices to steal sensitive configuration data and maintain hidden access across critical infrastructure networks. This group, tied to Russia’s Federal Security Service (FSB) Center 16, has been targeting outdated and unpatched devices since 2015. Their operations

FBI Warns: FSB-Linked Hackers Exploit Unpatched Cisco Devices

A Russian state-backed cyber espionage group known as Static Tundra has been actively abusing a seven-year-old Cisco vulnerability to maintain long-term access to targeted networks.
Targets and Regions Affected
According to Cisco Talos, the campaign is directed at organizations in telecommunications, higher education, and manufacturing across North America, Europe, Asia, and Africa. Victims are chosen

Hackers Use CrossC2 to Run Cobalt Strike on Linux, macOS

CrossC2 Expands Cobalt Strike Capabilities to Linux and macOS
A new advanced cyber campaign has surfaced, leveraging CrossC2, an unofficial extension of Cobalt Strike, to extend its functionality from Windows systems into Linux and macOS environments.
Multi-Stage Attack Chain
Between September and December 2024, researchers observed a series of incidents involving this cross-platform malware, signaling

SSHamble, a New Open-Source Tool to Exploit Vulnerabilities in the SSH Protocol

SSHamble – An Advanced Open-Source Tool for Uncovering SSH Vulnerabilities
SSHamble is a cutting-edge open-source reconnaissance utility built to detect and exploit security weaknesses in SSH protocol implementations across internet-facing systems. First showcased at DEFCON 33, the tool has already revealed major flaws in enterprise networking equipment and exposed widespread SSH misconfigurations impacting millions of
