Chinese hackers weaponise new Ivanti CSA bugs to hit French public and private sector Chinese threat group “Houken” (overlapping Google Mandiant’s UNC5174) exploited three zero-day flaws in Ivanti Cloud Services Appliance (CSA) – CVE-2024-8963, CVE-2024-9380 and CVE-2024-8190 – to breach French government, telecoms, media, finance and transport bodies in September 2024. According to France’s cyber-security […]
The hidden weaknesses in AI SOC tools AI-driven Security Operations Centre (SOC) platforms promise faster triage and fewer false alarms, yet most depend on pre-trained models that only recognise a narrow set of threats. These fixed models can’t keep up with today’s constantly shifting alert landscape, forcing analysts back to manual work whenever an unfamiliar […]
Critical Sudo Bugs Hand Attackers Root Access – Patch Now Security researchers have uncovered two flaws in the ubiquitous Sudo utility that let any local user on vulnerable Linux and Unix-like systems gain root. • CVE-2025-32462 (CVSS 2.8) – a 12-year-old bug in the -h host option lets commands permitted for a different host run […]
Iranian attackers recently manipulated a small U.S. water-treatment station simply by logging in with the factory-set password “1111”. The incident led CISA to repeat years-old advice: default credentials remain one of the most abused weaknesses in operational-technology (OT) and IoT environments. Default passwords survive because they simplify initial set-up and bulk provisioning, yet they invite […]
Veeam rushes out fix for critical backup flaw Veeam has issued updates for Backup & Replication after researchers from CODE WHITE and watchTowr disclosed CVE-2025-23121, a remote-code-execution bug scored 9.9/10.0 on the CVSS scale. The flaw affects every Version 12 build up to 12.3.1.1139 and lets an authenticated Windows domain user run arbitrary code on […]
New Linux Bugs Give Attackers Instant Root – Patch Now Security firm Qualys has revealed two local-privilege-escalation bugs that, when chained, let any logged-in user on most Linux distributions become root in seconds. • CVE-2025-6018 sits in the PAM configuration shipped with openSUSE Leap 15 and SUSE Linux Enterprise 15, allowing a normal user to […]
Russian Hackers Use Gmail App Passwords to Beat 2FA Russian state-linked group APT29 (UNC6293) is using Google “application-specific passwords” (ASPs) to sidestep two-factor authentication on Gmail accounts. Posing as U.S. State Department officials, the attackers court academics and Kremlin critics over several weeks, then send a PDF instructing victims to generate a 16-digit ASP and […]
Chrome zero-day (CVE-2025-2783) exploited to plant ‘Trinper’ back-door A critical bug in Google Chrome, now fixed, was weaponised earlier this year by a little-known threat group called TaxOff. The flaw, tracked as CVE-2025-2783, allowed attackers to break out of Chrome’s sandbox and install a bespoke back-door dubbed Trinper. A slick phishing hook Victims first received […]
Threat actors increasingly exploit “orphaned” Active Directory (AD) service accounts logins originally created for legacy apps, test scripts or scheduled tasks that remain active with non-expiring passwords. Because these machine accounts sit outside normal user-lifecycle reviews, they often escape audits and accumulate dangerous permissions. An early-2024 botnet campaign against Microsoft 365 showed how attackers can […]
