Three critical bypasses in Ubuntu Linux’s unprivileged user namespace restrictions allow local attackers to escalate privileges and exploit kernel vulnerabilities. These bypasses affect Ubuntu 23.10 and 24.04 LTS systems, where AppArmor-based protections were introduced to limit namespace misuse. While not…
Tag: Cyber Security News
Multiple Dell Unity Vulnerabilities Let Attackers Compromise Affected System
Dell Technologies has released a critical security update addressing multiple severe vulnerabilities in its Unity enterprise storage systems that could allow attackers to execute arbitrary commands as root, delete critical system files, and perform other malicious activities without authentication. Security…
CrushFTP Vulnerability Exploited to Gain Full Server Access
A critical vulnerability (CVE-2025-2825) in CrushFTP, a widely used enterprise file transfer solution, allows attackers to bypass authentication and gain unauthorized server access. The vulnerability, which affects versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0, received a CVSS score of…
ClickFake Interview – Lazarus Hackers Exploit Windows and macOS Users Fake Job Campaign
The Lazarus Group, a North Korean state-sponsored hacking collective, has launched a new campaign dubbed ClickFake Interview, targeting job seekers in the cryptocurrency industry. This malicious operation uses fake job interview websites to deploy a Go-based backdoor, known as GolangGhost,…
Earth Alux Hackers Employ VARGIET Malware to Attack Organizations
The cybersecurity landscape has been disrupted by Earth Alux, a China-linked advanced persistent threat (APT) group actively conducting espionage operations since the second quarter of 2023. Initially targeting the Asia-Pacific region, the group expanded its operations to Latin America by…
Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands
A critical unauthenticated remote code execution vulnerability (CVE-2024-13804) has been discovered in HPE Insight Cluster Management Utility (CMU) v8.2, enabling attackers to bypass authentication mechanisms and execute commands with root privileges on the backend server. This high-severity vulnerability affects a…
Microsoft Removes bypassnro.cmd in Windows 11 Insider To Stop Users from Installing OS Without MS Account
Microsoft has taken a decisive step in its latest Windows 11 Insider Preview Build 26200.5516 by removing the bypassnro.cmd script, effectively closing a loophole that allowed users to install Windows 11 without connecting to the internet or signing in with…
DarkCloud – An Advanced Stealer Malware Selling Via Telegram To Steal Data From Windows
DarkCloud is a sophisticated stealer malware that emerged in 2022, quickly positioning itself as one of the most prevalent threats in its category. This Windows-targeting malware has evolved significantly to extract sensitive information including browser data, FTP credentials, screenshots, keystrokes,…
Konni RAT Exploit Windows Explorer To Launches a Multi-Stage Attack in Windows
The notorious Konni RAT (Remote Access Trojan) has evolved to leverage a sophisticated Windows Explorer exploitation technique, enabling attackers to execute multi-stage attacks with enhanced stealth capabilities. This malware, historically linked to North Korean threat actors, has been observed targeting…
Threats Actors Hide Malware in WordPress Websites to Execute Code Remotely
Recent discoveries have uncovered a concerning trend where threat actors are strategically concealing malicious code within WordPress websites’ mu-plugins directory. This directory is particularly valuable for attackers as it loads automatically with WordPress, making detection and removal more challenging. The…