🐛 COMMON VULNERABILITIES AND EXPOSURES (8)
30 Apr | Web Scanning Sonicwall for CVE-2021-20016, (Tue, Apr 29th) | There was a post initially published in January 2022 showing an exploitable "probable zero-day vulnerabilities"[1] for Sonicwall but looking back in what has been submitted in the past year to ISC, this past week was the first time we have been getting some reports. T… | ISC.SANS.EDU
30 Apr | CVE-2025-30391 Microsoft Dynamics Information Disclosure Vulnerability | Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
30 Apr | CVE-2025-30389 Azure Bot Framework SDK Elevation of Privilege Vulnerability | Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
30 Apr | CVE-2025-33074 Azure Functions Remote Code Execution Vulnerability | Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
30 Apr | CVE-2025-30390 Azure ML Compute Elevation of Privilege Vulnerability | Improper authorization in Azure allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
30 Apr | CVE-2025-30392 Azure AI bot Elevation of Privilege Vulnerability | Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
30 Apr | CVE-2025-21416 Azure Virtual Desktop Elevation of Privilege Vulnerability | Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
30 Apr | Critical zero-day vulnerability in SAP NetWeaver | Hackers could use a vulnerability in NetWeaver to access SAP systems, inject malicious code and thereby take control. Since April 21, 2025, attackers have been exploiting a … | CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (14)
30 Apr | Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool | A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. "Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless a… | THEHACKERNEWS.COM
30 Apr | RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control | Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation. Singaporean cybersecurity company Group-IB said that this may h… | THEHACKERNEWS.COM
30 Apr | Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code | Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardr… | THEHACKERNEWS.COM
30 Apr | Cybercriminals Impersonate DHS Amid Deportation Efforts | Researchers at INKY warn that criminals are impersonating the US Department of Homeland Security to launch phishing scams. | KNOWBE4.COM
30 Apr | Researchers Warn of Surge in Infostealers Delivered Via Phishing | The number of infostealers delivered via phishing emails increased by 84% last year, according to a new report from IBM’s X-Force researchers. Threat actors are using these malware strains to steal credentials for use in follow-on attacks. | KNOWBE4.COM
30 Apr | Smashing Security podcast #415: Hacking hijinks at the hospital, and WASPI scams | He's not a pop star, but Jeffrey Bowie is alleged to have toured staff areas of a hospital in Oklahoma, hunting for computers he could install spyware on. We dive into the bizarre case of the man accused of hacking medical networks and then sharing how he did it on LinkedIn. Plus… | GRAHAMCLULEY.COM
30 Apr | Russian APT28 hackers have redoubled efforts during Ukraine war, says French security agency | The war in Ukraine has prompted a resurgence in activity by the notorious Russian APT28/Fancy Bear group, the French ANSSI cybersecurity agency has said. According to a brief report published by the agency this week, Targeting and Compromise of French Entities Using the APT28 Int… | CSOONLINE.COM
30 Apr | HPE adds ‘digital circuit breaker’ to protect GreenLake customers | HPE has introduced new security features for its Aruba Networking and GreenLake platforms to enhance cloud and network security in hybrid IT environments. The updates, announced at the RSA 2025 conference, include an AI-driven policy engine for network access control, tighter int… | CSOONLINE.COM
30 Apr | RSA Conference 2025 — News and analysis | The RSA 2025 Conference is back in San Francisco and, as always, is packed with the latest on cybersecurity trends, technologies, and insights. Keynote speakers include industry leaders, security experts, and maybe even some surprise guests. You can anticipate a wide range of top… | CSOONLINE.COM
30 Apr | Cybercriminals intensify hunt for exposed Git secrets | Git configuration files exposed in public repositories are being aggressively dug up and looked into by threat actors to reveal sensitive secrets and authentication tokens unintentionally left behind in Git projects. A GreyNoise observation recorded a significant spike in search … | CSOONLINE.COM
30 Apr | The CISO cloud security conundrum: Buy vs. build vs. both | Cloud security isn’t just about finding risks — it’s about fixing them, and fast. Every organization using the cloud faces the same problem: too much data, too many alerts, and not enough resources to deal with them all. Security teams are drowning in information, struggling to s… | CSOONLINE.COM
30 Apr | Cybercriminals adapt their attack vectors | Hackers are increasingly targeting SMBs and their edge devices and VPNs. Cybercriminals remain inventive and make quick and effective use of technical innovations. Both because of this and because of an increased awareness of existing… | CSOONLINE.COM
30 Apr | CNAPP buyer's guide | Cloud security remains a tricky topic, and the tools used to ensure it are becoming increasingly complex and harder to see through, not least thanks to the industry's undiminished love of acronyms. With CNAPP comes yet another… | CSOONLINE.COM
30 Apr | Risky Business #789 -- Apple's AirPlay vulns are surprisingly awful | On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: British retail stalwart Marks & Spencer gets cybered; South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat; It’s a good exploit week! Bugs in … | RISKY.BIZ
📋 SECURITY BULLETINS (1)
30 Apr | Hackers abuse IPv6 networking feature to hijack software updates | A China-aligned APT threat actor named "TheWizards" abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware. [...] | BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING (3)
30 Apr | Cybersecurity Incidents: Musk's Staffers, Canadian Power Utility Attack, and Massive Password Leak | In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity events. Two members of Elon Musk's 'Department of Government Efficiency' reportedly gained access to classified US nuclear networks, though accounts were never activated. Nova Scotia Power… | CYBERSECURITYTODAY.LIBSYN.COM
30 Apr | Alleged ‘Scattered Spider’ Member Extradited to U.S. | A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and… | KREBSONSECURITY.COM
30 Apr | UK retail giant Co-op warns of disruption as it battles cyberattack | The U.K. grocery and retail giant said the unspecified cyber incident is affecting its back office and call centers. | TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE (9)
30 Apr | WhatsApp Case Against NSO Group Progressing | Meta is suing NSO Group, basically claiming that the latter hacks WhatsApp and not just WhatsApp users. We have a procedural ruling: Under the order, NSO Group is prohibited from presenting evidence about its customers’ identities, implying the targeted WhatsApp users are … | SCHNEIER.COM
30 Apr | Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks | Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022. RomCom "employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and en… | THEHACKERNEWS.COM
30 Apr | ISC Stormcast For Wednesday, April 30th, 2025 https://isc.sans.edu/podcastdetail/9430, (Wed, Apr 30th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
30 Apr | 14 secure coding tips: Learn from the experts at Microsoft Build | At Microsoft Build 2025, we’re bringing together security engineers, researchers, and developers to share practical tips and modern best practices to help you ship secure code faster. The post 14 secure coding tips: Learn from the experts at Microsoft Build appeared first on Micr… | TECHCOMMUNITY.MICROSOFT.COM
30 Apr | A Sneaky T-Mobile Scam and Lessons That Were Learned | A friend of mine got a call on his phone and he regrettably picked it up. The number was 267-332-3644. The area code is from Bucks County, PA, where he used to live many years ago. | KNOWBE4.COM
30 Apr | News alert: Link11 integrates DOSarrest, Reblaze to deliver advanced, integrated security platform | Frankfurt, Apr. 30, 2025, CyberNewswire – Link11, DOSarrest, and Reblaze have combined their strengths into a single, integrated platform with a new brand identity. The result: a consistent user experience, maximum efficiency, and seamless security. As a European provider, Link11… | LASTWATCHDOG.COM
30 Apr | Earth Kasha Updates TTPs in Latest Campaign Targeting Taiwan and Japan | This blog discusses the latest modifications observed in Earth Kasha’s TTPs from their latest campaign detected in March 2025 targeting Taiwan and Japan. | TRENDMICRO.COM
30 Apr | What are You Working on Wednesday | submitted by shellsharks to cybersecurity, 4 points, 2 comments. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time. | INFOSEC.PUB
30 Apr | TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks | ESET researchers analyzed Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks | WELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE (2)
30 Apr | WordPress plugin disguised as a security tool injects backdoor | A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. [...] | BLEEPINGCOMPUTER.COM
30 Apr | Apple notifies new victims of spyware attacks across the world | Two alleged victims came forward claiming they received a spyware notification from Apple. | TECHCRUNCH.COM
📡 INFOSEC NEWS (5)
30 Apr | Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense | As the field of artificial intelligence (AI) continues to evolve at a rapid pace, fresh research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, ac… | THEHACKERNEWS.COM
30 Apr | [Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats | How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip thr… | THEHACKERNEWS.COM
30 Apr | Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About | Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this: “The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logg… | THEHACKERNEWS.COM
30 Apr | Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations | A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country. The High Court of Karnataka, on April 29, said the ruling was in response to a legal complaint filed by M Moser Design Associated India Pv… | THEHACKERNEWS.COM
30 Apr | Creating a strong and easy-to-remember password | Kaspersky official blog | World Password Day: tips for creating unique and strong passwords, how to best remember them, and what neural networks have to do with this. | KASPERSKY.COM