Vulnerabilities

China-Linked Tick APT Exploits Lanscope Zero-Day to Compromise Corporate Networks

A sophisticated cyber espionage group known as Tick has been identified as the actor behind the exploitation of a critical, recently disclosed zero-day vulnerability in Motex Lanscope Endpoint Manager. This campaign, targeting specific sectors for intelligence gathering, demonstrates the continued threat posed by advanced persistent threats (APTs) to corporate network security. The Zero-Day Vulnerability: CVE-2025-61932 […]

China-Linked Tick APT Exploits Lanscope Zero-Day to Compromise Corporate Networks Read More »

CISA and NSA Release Critical Security Guidance for WSUS and Microsoft Exchange Servers

In a joint cybersecurity advisory, U.S. and international agencies have released critical guidance to help organizations fortify their on-premise Microsoft Exchange Server environments against persistent threats. The guidance emphasizes that unprotected and misconfigured instances remain prime targets for malicious actors and outlines a comprehensive strategy to secure these vital communication hubs. A Unified Call to

CISA and NSA Release Critical Security Guidance for WSUS and Microsoft Exchange Servers Read More »

Eclipse Foundation Revokes Leaked Open VSX Tokens After Wiz Security Discovery

The Eclipse Foundation has taken decisive action to secure the Open VSX registry after a security report revealed that access tokens had been accidentally leaked within several Visual Studio Code extensions. This prompt response neutralizes a potential software supply chain attack that could have allowed threat actors to hijack extensions and distribute malware to unsuspecting

Eclipse Foundation Revokes Leaked Open VSX Tokens After Wiz Security Discovery Read More »

CISA Confirms Active Exploitation of Critical Vulnerabilities in Dassault and XWiki

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially confirmed that threat actors are actively exploiting critical security vulnerabilities in two widely used enterprise platforms: Dassault Systèmes’ DELMIA Apriso and the open-source XWiki. These flaws grant attackers the ability to execute arbitrary code and seize control of affected systems, prompting urgent calls for patching.

CISA Confirms Active Exploitation of Critical Vulnerabilities in Dassault and XWiki Read More »

TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

A team of academic researchers from Georgia Tech, Purdue University, and Synkhronix has developed TEE.Fail, a practical side-channel method that can extract secrets from processor-based trusted execution environments, including Intel SGX, Intel TDX, AMD SEV-SNP, and Ciphertext Hiding. The technique uses inexpensive, off-the-shelf electronics to inspect DDR5 memory traffic, exposing weaknesses in current CPU TEE

TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves Read More »

Chrome Zero-Day Exploited to Deploy LeetAgent Spyware by Italian Memento Labs

A newly uncovered cyber espionage operation has revealed that a now-patched Google Chrome zero-day vulnerability was exploited to deploy a sophisticated spyware known as LeetAgent. According to research from Kaspersky, the operation has been linked to the Italian IT and security firm Memento Labs, known for developing surveillance tools. Operation ForumTroll and the Chrome Vulnerability

Chrome Zero-Day Exploited to Deploy LeetAgent Spyware by Italian Memento Labs Read More »

ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

Cybersecurity experts have uncovered a serious vulnerability in OpenAI’s ChatGPT Atlas browser, which could let attackers inject malicious commands into the AI assistant’s memory and execute unauthorized code. According to Or Eshed, Co-Founder and CEO of LayerX Security, “This exploit enables cybercriminals to implant harmful code, elevate privileges, or deploy malware on targeted systems,” as

ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands Read More »

Over 706,000 BIND 9 Resolver Instances Exposed Online and Vulnerable to Cache Poisoning, PoC Released

A critical flaw has been uncovered in BIND 9 resolvers, which could allow attackers to poison DNS caches and redirect users to malicious domains. The vulnerability, tracked as CVE-2025-40778, affects more than 706,000 publicly exposed instances worldwide, according to data from internet scanning company Censys. With a CVSS score of 8.6, the bug arises from

Over 706,000 BIND 9 Resolver Instances Exposed Online and Vulnerable to Cache Poisoning, PoC Released Read More »

Newly Patched Critical Microsoft WSUS Vulnerability Actively Exploited

Microsoft has released an urgent out-of-band security update to address a critical vulnerability in Windows Server Update Services (WSUS). This flaw, identified as CVE-2025-59287, has a high CVSS score of 9.8 and is being actively exploited, with a publicly available proof-of-concept (PoC) already circulating. The vulnerability is a remote code execution (RCE) issue affecting WSUS

Newly Patched Critical Microsoft WSUS Vulnerability Actively Exploited Read More »

CISA Confirms Active Exploitation of Critical Lanscope Endpoint Manager Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog. According to the agency, the flaw has been actively exploited in the wild, posing a significant risk to organizations using unpatched versions. Identified as CVE-2025-61932 and rated 9.3 (CVSS

CISA Confirms Active Exploitation of Critical Lanscope Endpoint Manager Vulnerability Read More »