55 Articles
7 Categories
Date: 2025-05-08

🐛 COMMON VULNERABILITIES AND EXPOSURES (11)
8 May: SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The vulnerabilities are listed below - CVE-2025-32819 (CVSS score: 8.8) - A vulnerability in SMA100 a… (THEHACKERNEWS.COM)

8 May: Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10… (THEHACKERNEWS.COM)

8 May: CVE-2025-33072 Microsoft msagsfeedback.azurewebsites.net Information Disclosure Vulnerability
Improper access control in Azure allows an unauthorized attacker to disclose information over a network. (MSRC.MICROSOFT.COM)

8 May: CVE-2025-29972 Azure Storage Resource Provider Spoofing Vulnerability
Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing over a network. (MSRC.MICROSOFT.COM)

8 May: CVE-2025-29827 Azure Automation Elevation of Privilege Vulnerability
Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges over a network. (MSRC.MICROSOFT.COM)

8 May: CVE-2025-29813 Azure DevOps Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Visual Studio improperly handles pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project. To exploit this vulnerability, an attacker would first have to have access t… (MSRC.MICROSOFT.COM)

8 May: CVE-2025-47733 Microsoft Power Apps Information Disclosure Vulnerability
Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network. (MSRC.MICROSOFT.COM)

8 May: Chromium: CVE-2025-4372 Use after free in WebAudio
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information. (MSRC.MICROSOFT.COM)

8 May: CVE-2025-23123 (CVSS 10): Critical UniFi Protect Cameras Flaw Demands Immediate Updates
Submitted by kid to cybersecurity (8 points, 3 comments): https://securityonline.info/cve-2025-23123-cvss-10-critical-unifi-protect-cameras-flaw-demands-immediate-updates/ (SH.ITJUST.WORKS)

8 May: Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
Submitted by kid to cybersecurity (5 points, 0 comments): https://thehackernews.com/2025/05/cisco-patches-cve-2025-20188-100-cvss.html (SH.ITJUST.WORKS)

⚠️ VULNERABILITY DISCLOSURE (10)
8 May: 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
Cybersecurity researchers have exposed what they say is an "industrial-scale, global cryptocurrency phishing operation" engineered to steal digital assets from cryptocurrency wallets for several years. The campaign has been codenamed FreeDrain by threat intelligence firms Sentine… (THEHACKERNEWS.COM)

8 May: CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems (ICS) advisories on May 8, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-128-01 Horner Automation Cscape; ICSA-25-128-02 Hitachi Energy RTU500 se… (CISA.GOV)

8 May: Using AI to stop tech support scams in Chrome
Posted by Jasika Bawa, Andy Lim, and Xinghui Lu, Google Chrome Security. Tech support scams are an increasingly prevalent form of cybercrime, characterized by deceptive tactics aimed at extorting money or gaining unauthorized access to sensitive data. In a tech support scam, the g… (SECURITY.GOOGLEBLOG.COM)

8 May: CISA warns of cyberattacks targeting the US oil and gas infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, Department of Energy (DoE), and Environmental Protection Agency (EPA), has warned organizations of cyberattacks targeting Operational Technology (OT) and Industrial Control Systems (ICS) in the US … (CSOONLINE.COM)

8 May: CrowdStrike cuts 500 jobs in AI pivot, but flags risks
Cybersecurity giant CrowdStrike is cutting 500 jobs, or 5% of its nearly 10,000-strong workforce, as it pivots to an AI-driven operating model to chase “greater efficiencies” and a “$10 billion annual recurring revenue (ARR) target.” CrowdStrike CEO George Kurtz framed AI as a “f… (CSOONLINE.COM)

8 May: How to capture forensic evidence for Microsoft 365
Enterprise security has never been a box-checking exercise, but the list of necessary protection technologies and configurations never seems to get any shorter. And yet true peace of mind remains elusive. Consider the typical endpoint protection scenario: Your network is protecte… (CSOONLINE.COM)

8 May: India-Pakistan conflict underscores your C-suite’s need to prepare for war
This week began with UK Prime Minister Sir Keir Starmer ordering government officials to update their contingency plans in the event of all-out war. He noted that current plans are some 20 years old and “badly out of date.” Then the next day, we witnessed the kinetic confrontatio… (CSOONLINE.COM)

8 May: Six DDoS sites seized in multi-national law enforcement operation
Submitted by kid to cybersecurity (9 points, 0 comments): https://cyberscoop.com/poland-ddos-arrests-europol-operation-poweroff/ (SH.ITJUST.WORKS)

8 May: Play ransomware exploited Windows logging flaw in zero-day attacks
Submitted by kid to cybersecurity (8 points, 0 comments): https://www.bleepingcomputer.com/news/security/play-ransomware-exploited-windows-logging-flaw-in-zero-day-attacks/ (SH.ITJUST.WORKS)

8 May: OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
Submitted by kid to cybersecurity (8 points, 0 comments): https://thehackernews.com/2025/05/ottokit-wordpress-plugin-with-100k.html (SH.ITJUST.WORKS)

📢 SECURITY ADVISORIES (3)
8 May: UK under assault as number of ‘significant’ cyberattacks doubles: Foreign powers, ransomware gangs, AI threats drive surge in incidents affecting private businesses and government systems
Submitted by randomname to cybersecurity (9 points, 0 comments): https://www.thetimes.com/uk/crime/article/uk-under-assault-as-number-of-significant-cyberattacks-doubles-w585d23j2 Cross-posted from: scribe.disroot.org/post/2697498. Cross-posted from: scribe.disroot.org/post/2697495 … (INFOSEC.PUB)

8 May: CISA warns of hackers targeting critical oil infrastructure
Submitted by kid to cybersecurity (22 points, 1 comment): https://www.bleepingcomputer.com/news/security/cisa-warns-of-hackers-targeting-critical-oil-infrastructure/ (SH.ITJUST.WORKS)

8 May: UK under assault as number of ‘significant’ cyberattacks doubles: Foreign powers, ransomware gangs, AI threats drive surge in incidents affecting private businesses and government systems
Submitted by randomname to cybersecurity (22 points, 0 comments): https://www.thetimes.com/uk/crime/article/uk-under-assault-as-number-of-significant-cyberattacks-doubles-w585d23j2 Cross-posted from: scribe.disroot.org/post/2697495. Archived link. Foreign powers, ransomware gangs and… (SH.ITJUST.WORKS)

🔥 INCIDENT REPORTING (9)
8 May: FBI: End-of-life routers hacked for cybercrime proxy networks
The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. [...] (BLEEPINGCOMPUTER.COM)

8 May: Education giant Pearson hit by cyberattack exposing customer data
Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. [...] (BLEEPINGCOMPUTER.COM)

8 May: Supply chain attack hits npm package with 45,000 weekly downloads
An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system. [...] (BLEEPINGCOMPUTER.COM)

8 May: After the Breach: Finding new Partners with Solutions for Have I Been Pwned Users
For many years, people would come to Have I Been Pwned (HIBP), run a search on their email address, get the big red "Oh no - pwned!… (TROYHUNT.COM)

8 May: Security Tools Alone Don't Protect You — Control Effectiveness Does
61% of security leaders reported suffering a breach due to failed or misconfigured controls over the past 12 months. This is despite having an average of 43 cybersecurity tools in place. This massive rate of security failure is clearly not a security investment problem. It is a c… (THEHACKERNEWS.COM)

8 May: Qilin Ransomware Ranked Highest in April 2025 with 72 Data Leak Disclosures
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a campaign observed in November 2024. "NETXLOADER is a new .NET-based loader that plays a c… (THEHACKERNEWS.COM)

8 May: A timeline of South Korean telco giant SKT’s data breach
In April, South Korea’s telco giant SK Telecom (SKT) was hit by a cyberattack that led to the theft of personal data on approximately 23 million customers, equivalent to almost half of the country’s 52 million residents. At a National Assembly hearing in Seoul on Thur… (TECHCRUNCH.COM)

8 May: OnRPG - 1,047,640 breached accounts
In July 2016, the now defunct free online games list website OnRPG suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed just over 1M email and IP addresses alongside usernames and passwords stored as salted MD5 hashes. (HAVEIBEENPWNED.COM)

8 May: LockBit ransomware gang hacked, victim negotiations exposed
Submitted by kid to cybersecurity (21 points, 0 comments): https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-hacked-victim-negotiations-exposed/ (SH.ITJUST.WORKS)

🕵️ THREAT INTELLIGENCE (15)
8 May: NICKEL TAPESTRY expands fraudulent worker operations
The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector. (SOPHOS.COM)

8 May: Valarian Bags $20M Seed Capital for ‘Isolation-First’ Infrastructure Tech
British startup exits stealth with $20 million in seed-stage financing led by US investors Scout Ventures and Artis Ventures. (SECURITYWEEK.COM)

8 May: Europol Announces More DDoS Service Takedowns, Arrests
Four people have been arrested in Poland and several websites associated with DDoS-for-hire services have been shut down. (SECURITYWEEK.COM)

8 May: Welcoming the Isle of Man Government to Have I Been Pwned
Today we welcome the 39th government and first self-governing British Crown Dependency to Have I Been Pwned, The Isle of Man. Their Offi… (TROYHUNT.COM)

8 May: MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware
The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public institutions in Japan and Taiwan. The activity, detected by Trend Micro in March 2025, i… (THEHACKERNEWS.COM)

8 May: Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures. "LOSTKEYS is capable of stealing files from a hard-coded list of extensions and di… (THEHACKERNEWS.COM)

8 May: ISC Stormcast For Thursday, May 8th, 2025 https://isc.sans.edu/podcastdetail/9442, (Thu, May 8th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (ISC.SANS.EDU)

8 May: Phishing Kits Are Growing More Sophisticated; Focused on Bypassing MFA
Researchers at Cisco Talos warn that major phishing kits continue to incorporate features that allow them to bypass multi-factor authentication (MFA). (KNOWBE4.COM)

8 May: DHL scam: Fraudsters plunder the accounts of tens of thousands of Germans
Cybercriminals have deceived tens of thousands of people in Germany with fake DHL messages. According to research by Bayerischer Rundfunk (BR), an international gang of fraudsters has … tens of thousands of people in Germany with phishing messag… (CSOONLINE.COM)

8 May: Palo Alto Networks: Champion in Two Canalys Global Leadership Matrices
A Champion in 2 Canalys Global Leadership matrices for 2025 showcases our commitment to partner/customer success with AI-powered cybersecurity solutions. (PALOALTONETWORKS.COM)

8 May: DOGE software engineer’s computer infected by info-stealing malware
Submitted by cm0002 to cybersecurity (234 points, 13 comments): https://arstechnica.com/security/2025/05/doge-software-engineers-computer-infected-by-info-stealing-malware/ (INFOSEC.PUB)

8 May: Operation PowerOFF Takes Down 9 DDoS Domains
Submitted by cm0002 to cybersecurity (2 points, 0 comments): https://www.darkreading.com/threat-intelligence/operation-poweroff-takes-down-nine-ddos-domains (INFOSEC.PUB)

8 May: The many variants of the ClickFix social engineering tactic - Help Net Security
Submitted by kid to cybersecurity (8 points, 1 comment): https://www.helpnetsecurity.com/2025/05/08/clickfix-social-engineering-tactic-variants/ (SH.ITJUST.WORKS)

8 May: OneDrive New Feature Allows Default Sync of Personal & Corporate Accounts
Submitted by kid to cybersecurity (14 points, 3 comments): https://cybersecuritynews.com/microsoft-onedrive-default-sync/ (SH.ITJUST.WORKS)

8 May: The Top Threat Actor Groups Targeting the Financial Sector
Submitted by kid to cybersecurity (7 points, 0 comments): https://flashpoint.io/blog/top-threat-actor-groups-targeting-financial-sector/ (SH.ITJUST.WORKS)

🌐 CYBER THREAT LANDSCAPE (2)
8 May: Malicious PyPi package hides RAT malware, targets Discord devs since 2022
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. [...] (BLEEPINGCOMPUTER.COM)

8 May: Smashing Security podcast #416: High street hacks, and Disney’s Wingdings woe
Brits face empty shelves and suspended meal deals as cybercriminals hit major high street retailers, and a terminated Disney employee gets revenge with a little help with Wingdings. Plus Graham challenges Carole to a game of "Malware or metal?", and we wonder just what happens when yo… (GRAHAMCLULEY.COM)

📡 INFOSEC NEWS (5)
8 May: Putting the dampener on tamperers
Taking a dive into Sophos Tamper Protection. (SOPHOS.COM)

8 May: Cisco fixes max severity IOS XE flaw letting attackers hijack devices
Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers, caused by a hard-coded JSON Web Token (JWT), that allows an unauthenticated remote attacker to take over devices. [...] (BLEEPINGCOMPUTER.COM)

8 May: No Internet Access? SSH to the Rescue!, (Thu, May 8th)
This quick diary is a perfect example of why I love Linux (or UNIX in general) operating system. There is always a way to "escape" settings imposed by an admin... (ISC.SANS.EDU)

8 May: PowerSchool paid a hacker’s ransom, but now schools say they are being extorted
Schools in Toronto and North Carolina are reporting extortion attempts. (TECHCRUNCH.COM)

8 May: VC firm Insight Partners confirms personal data stolen during January hack
The venture capital firm has over $90 billion in assets under management, including cybersecurity giants. (TECHCRUNCH.COM)