Non classé

Broadcom has released security updates to patch five security flaws impacting VMware Aria Operations and Aria Operations for Logs, warning customers that attackers could exploit them to gain elevated access or obtain sensitive information.
The list of identified flaws, which impact versions 8.x of the software, is below –

CVE-2025-22218 (CVSS score: 8.5) – A malicious actor with View Only Admin

Broadcom has released security updates to patch five security flaws impacting VMware Aria Operations and Aria Operations for Logs, warning customers that attackers could exploit them to gain elevated access or obtain sensitive information.
The list of identified flaws, which impact versions 8.x of the software, is below –

CVE-2025-22218 (CVSS score: 8.5) – A malicious actor with View Only Admin

Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations.
« Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities, » Google Threat

Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations.
« Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities, » Google Threat

An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP.
The effort has targeted the following domains –

www.cracked.io
www.nulled.to
www.mysellix.io
www.sellix.io
www.starkrdp.io

Visitors to these websites are now greeted by a seizure banner that says they were confiscated

An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP.
The effort has targeted the following domains –

www.cracked.io
www.nulled.to
www.mysellix.io
www.sellix.io
www.starkrdp.io

Visitors to these websites are now greeted by a seizure banner that says they were confiscated

Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution.
The vulnerability, rated a CVSS score of 9.4, enables « attackers to potentially execute arbitrary commands with root privileges » by exploiting a hidden URL parameter, application security firm Noma said in a

Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution.
The vulnerability, rated a CVSS score of 9.4, enables « attackers to potentially execute arbitrary commands with root privileges » by exploiting a hidden URL parameter, application security firm Noma said in a

The job of a SOC analyst has never been easy. Faced with an overwhelming flood of daily alerts, analysts (and sometimes IT teams who are doubling as SecOps) must try and triage thousands of security alerts—often false positives—just to identify a handful of real threats. This relentless, 24/7 work leads to alert fatigue, desensitization, and increased risk of missing critical security incidents.

The job of a SOC analyst has never been easy. Faced with an overwhelming flood of daily alerts, analysts (and sometimes IT teams who are doubling as SecOps) must try and triage thousands of security alerts—often false positives—just to identify a handful of real threats. This relentless, 24/7 work leads to alert fatigue, desensitization, and increased risk of missing critical security incidents.

Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data.
The ClickHouse database « allows full control over database operations, including the ability to access internal data, » Wiz security researcher Gal

Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data.
The ClickHouse database « allows full control over database operations, including the ability to access internal data, » Wiz security researcher Gal

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
« When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server, » Sonar researcher Yaniv Nizry said in a write-up published earlier this week.

The

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
« When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server, » Sonar researcher Yaniv Nizry said in a write-up published earlier this week.

The

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks.
The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks.
The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor

The North Korean threat actor known as the Lazarus Group has been observed leveraging a « web-based administrative platform » to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns.
« Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API, » SecurityScorecard’s

The North Korean threat actor known as the Lazarus Group has been observed leveraging a « web-based administrative platform » to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns.
« Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API, » SecurityScorecard’s

AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts

Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity.
Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing

Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity.
Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing