Non classé

Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions.
The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0.
« A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user, » the

Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions.
The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0.
« A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user, » the

Iran has throttled internet access in the country in a purported attempt to hamper Israel’s ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region.
Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian Cyber Police, FATA, said the internet slowdown was designed to

Iran has throttled internet access in the country in a purported attempt to hamper Israel’s ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region.
Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian Cyber Police, FATA, said the internet slowdown was designed to

A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper.
The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3).
Google addressed the flaw later that month after Kaspersky reported in-the-wild

A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper.
The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3).
Google addressed the flaw later that month after Kaspersky reported in-the-wild

Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts.
The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security.
LangSmith is an observability and evaluation platform that allows users to

Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts.
The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security.
LangSmith is an observability and evaluation platform that allows users to

Cybersecurity researchers are warning of a new phishing campaign that’s targeting users in Taiwan with malware families such as HoldingHands RAT and Gh0stCringe.
The activity is part of a broader campaign that delivered the Winos 4.0 malware framework earlier this January by sending phishing messages impersonating Taiwan’s National Taxation Bureau, Fortinet FortiGuard Labs said in a report

Cybersecurity researchers are warning of a new phishing campaign that’s targeting users in Taiwan with malware families such as HoldingHands RAT and Gh0stCringe.
The activity is part of a broader campaign that delivered the Winos 4.0 malware framework earlier this January by sending phishing messages impersonating Taiwan’s National Taxation Bureau, Fortinet FortiGuard Labs said in a report

The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG).
« Google Threat Intelligence Group is now aware of multiple intrusions in the U.S. which bear all the hallmarks of Scattered Spider activity, » John Hultquist, chief analyst

The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG).
« Google Threat Intelligence Group is now aware of multiple intrusions in the U.S. which bear all the hallmarks of Scattered Spider activity, » John Hultquist, chief analyst

For many organizations, Active Directory (AD) service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts (created for legacy applications, scheduled tasks, automation scripts, or test environments) are often left active with non-expiring or stale passwords.
It’s no surprise

For many organizations, Active Directory (AD) service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts (created for legacy applications, scheduled tasks, automation scripts, or test environments) are often left active with non-expiring or stale passwords.
It’s no surprise

Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution.
Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports.
The list of vulnerabilities, which are yet to be

Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution.
Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports.
The list of vulnerabilities, which are yet to be

Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially target your last line of defense — your backup infrastructure. Before locking up your production environment, cybercriminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.

Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially target your last line of defense — your backup infrastructure. Before locking up your production environment, cybercriminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.

Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware.
« Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware, » Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed

Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware.
« Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware, » Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed