The maintainers of the Python Package Index registry (PyPI), have announced a feature that allows package designers to archive a particular project as part efforts to improve supply-chain security. Facundo Tüesca, a senior engineer at Trail of Bits said, “Maintainers are now able to archive a project in order to let users know the project […]
The U.S. Cybersecurity and Infrastructure Security Agency added four security flaws on Tuesday to its Known exploited Vulnerabilities catalog (KEV), citing evidence of active exploitation. The list of vulnerabilities includes: CVE-2024-45194 (CVSS score: 7.8/9.8) – A forced browsing vulnerability that allows remote attackers to access unauthorized information.
CISA Adds Actively Exploited KEV Vulnerabilities, Urges Fixes By February 25 Read More »
A malware campaign was observed using TryCloudflare Tunnels and Python payloads to deliver a remote-access trojan (RAT) called AsyncRAT. Jyotika Sing, a researcher at Forcepoint X-Labs, said in an analysis that “AsyncRAT” is a remote-access trojan (RAT) which exploits the async/await patterns for efficient and asynchronous communication. It allows attackers to control infected devices
AsyncRAT campaign uses Python payloads and Cloudflare tunnels for stealth attacks Read More »
As the cybersecurity landscape continues its evolution, proactive vulnerability management is becoming a critical priority for IT teams and managed service providers. Recent trends show that organizations are prioritizing more frequent IT vulnerability assessments in order to identify and fix potential security flaws. MSPs and IT departments can benefit from staying informed about these trends.
The Future of IT Vulnerability Management: Key Trends Read More »
Veeam released patches to address an important security flaw in its Backup software. This vulnerability could allow an attacker execute arbitrary code on vulnerable systems. The CVSS score for the vulnerability, CVE-2025-231114, is 9.0 out 10. “A vulnerability in the Veeam Updater component which allows an attacker to use a Man-in-the-Middle to execute arbitrary codes
New Veeam flaw allows code execution via man-in-the-middle attack Read More »
Cyber attacks against various entities in Kyrgyzstan, Turkmenistan and other countries have been linked to Silent Lynx, a previously unknown threat actor. Subhajeet Singha, a researcher at Seqrite Labs, said in a report that “this threat group has targeted entities around Eastern Europe or Central Asia government think tanks that are involved in economic decision-making
Silent Lynx: Multi-Stage Cyberattacks Using PowerShell Loaders, Golang and C++ Loaders Read More »
Cybercriminals are increasingly using legitimate HTTP client tools to facilitate Account Takeover (ATO), attacks on Microsoft 365 environments. Enterprise security company Proofpoint has observed campaigns that use HTTP clients Axios or Node Fetch, to send HTTP requests to web servers and receive HTTP responses. “Originally sourced by public
Cybercriminals use Go Resty and node Fetch to spray 13 million passwords Read More »
The Lazarus Group, a North Korean-linked group, has been linked to a campaign that uses fake LinkedIn job offers to infect Windows, macOS and Linux with malware. According to cybersecurity firm Bitdefender, the scam starts with a message posted on a professional social network, enticing the victim with the promise of
New Lazarus Group campaign targets crypto wallets with JavaScript. Read More »
Cisco has released updates that address two critical security vulnerabilities in Identity Services Engine (ISE). These flaws could allow remote attackers execute arbitrary commands on vulnerable devices and elevate privileges. Below is a list of vulnerabilities. CVE-2025-20124 – An insecure Java serialization vulnerability in an API for Cisco ISE, which could allow an authenticated remote
Cisco Patches Critical Vulnerabilities in ISE Enabling Root CmdExec, and PrivEsc Read More »