Top 20 Cybersecurity International News
2025-03-12 15:13:32
Here's a summary of top cybersecurity news:
- Over 400 IPs Exploiting Multiple SSRF Vulnerabilities: A coordinated surge in exploitation of Server-Side Request Forgery (SSRF) vulnerabilities across multiple platforms has been observed. At least 400 IPs are actively exploiting multiple CVEs simultaneously.
Source: thehackernews.com
- Microsoft Patches Actively Exploited Zero-Days: Microsoft released security updates to address 57 security vulnerabilities, including six zero-days actively exploited in the wild.
Source: thehackernews.com
- Apple Patches WebKit Zero-Day Vulnerability: Apple released a security update for a zero-day flaw in WebKit that has been exploited in targeted attacks.
Source: thehackernews.com
- Blind Eagle Hacks Colombian Institutions: The threat actor Blind Eagle has been targeting Colombian institutions and government entities since November 2024 using NTLM flaws and RATs.
Source: thehackernews.com
- Ballista Botnet Exploits TP-Link Vulnerability: Unpatched TP-Link Archer routers are being targeted by the Ballista botnet, which exploits a remote code execution (RCE) vulnerability (CVE-2023-1389).
Source: thehackernews.com
- SideWinder APT Targets Multiple Sectors: The SideWinder APT group is targeting maritime, nuclear, and IT sectors across Asia, the Middle East, and Africa.
Source: thehackernews.com
- Moxa Fixes Authentication Bypass Vulnerability: Moxa has released a security update to address a critical authentication bypass vulnerability in its PT switches (CVE-2024-12297).
Source: thehackernews.com
- CISA Adds Exploited Vulnerabilities to KEV List: CISA added five security flaws impacting Advantive VeraCore and Ivanti EPM to its Known Exploited Vulnerabilities (KEV) catalog.
Source: thehackernews.com
- Polymorphic Attack Clones Browser Extensions: Researchers exposed a new technique where malicious browser extensions clone legitimate ones to steal credentials.
Source: thehackernews.com
- KerioControl Firewall Vulnerability Exposes Systems: A severe vulnerability (CVE-2024-52875) in GFI KerioControl firewalls allows remote code execution (RCE).
Source: cybersecuritynews.com
- SonicWall Firewalls Exploited: Attackers are exploiting a flaw (CVE-2024-53704) in SonicWall firewalls to hijack SSL VPN sessions.
Source: cybersecuritynews.com
- Hackers Use Social Engineering to Exploit PowerShell: North Korean hacking group Emerald Sleet is tricking victims into running PowerShell commands.
Source: cybersecuritynews.com
- zkLend DeFi Hack: The Ethereum-based DeFi protocol zkLend suffered a major breach, with $8.5 million stolen.
Source: cybersecuritynews.com
- PAN-OS Authentication Bypass Exploited: Palo Alto Networks patched a high-severity authentication bypass vulnerability (CVE-2025-0108) in PAN-OS software.
Source: cybersecuritynews.com
- Salt Typhoon Hackers Exploit Cisco Devices: The Chinese state-sponsored group Salt Typhoon exploited over 1,000 unpatched Cisco devices.
Source: cybersecuritynews.com
- Microsoft SharePoint Connector Vulnerability: A critical SSRF vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to impersonate users.
Source: cybersecuritynews.com
- Apple Zero-Day Vulnerability: Apple released iOS and iPadOS 18.3.1 to address a zero-day vulnerability targeting USB Restricted Mode (CVE-2025-24200).
Source: cybersecuritynews.com
- Ivanti CSA RCE Vulnerability: Ivanti patched a command injection vulnerability in its Cloud Services Appliance (CSA) (CVE-2024-47908).
Source: cybersecuritynews.com
- OpenSSL MitM Vulnerability: A high-severity flaw in OpenSSL versions 3.2–3.4 could enable man-in-the-middle attacks (CVE-2024-12797).
Source: cybersecuritynews.com
- Chrome Use-After-Free Vulnerability: Google released an urgent Chrome update addressing vulnerabilities, including a use-after-free flaw in the V8 JavaScript engine (CVE-2025-0995).
Source: cybersecuritynews.com