Non classé

Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data.
The ClickHouse database « allows full control over database operations, including the ability to access internal data, » Wiz security researcher Gal

Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data.
The ClickHouse database « allows full control over database operations, including the ability to access internal data, » Wiz security researcher Gal

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
« When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server, » Sonar researcher Yaniv Nizry said in a write-up published earlier this week.

The

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
« When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server, » Sonar researcher Yaniv Nizry said in a write-up published earlier this week.

The

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks.
The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks.
The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor

The North Korean threat actor known as the Lazarus Group has been observed leveraging a « web-based administrative platform » to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns.
« Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API, » SecurityScorecard’s

The North Korean threat actor known as the Lazarus Group has been observed leveraging a « web-based administrative platform » to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns.
« Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API, » SecurityScorecard’s

AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts

Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity.
Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing

Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity.
Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing

New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits

A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome.
The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the

A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome.
The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the

Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total. 
This breach shows just how deeply ransomware

Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total. 
This breach shows just how deeply ransomware

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances.
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
« Due to a flaw in the multi-line SNMP result parser, authenticated users can inject

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances.
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
« Due to a flaw in the multi-line SNMP result parser, authenticated users can inject

The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE.
« This research focuses on completing the picture of UAC-0063’s operations, particularly documenting their expansion beyond their initial focus on Central Asia,

The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE.
« This research focuses on completing the picture of UAC-0063’s operations, particularly documenting their expansion beyond their initial focus on Central Asia,

Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access.
The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection.
« A malicious user with network access may be able to use specially crafted SQL queries to gain database

Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access.
The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection.
« A malicious user with network access may be able to use specially crafted SQL queries to gain database