A significant zero-day vulnerability in Zyxel CPE series devices, identified as CVE-2024-40891, is being actively exploited by attackers. This vulnerability enables attackers to execute arbitrary commands on affected devices, posing significant risks of system compromise, data theft, and network infiltration.…
Tag: Cyber Security News
Fake DeepSeek Campaign Attacking macOS Users to Deliver Poseidon Malware
A new cyberattack campaign, dubbed the “Fake DeepSeek Campaign,” has been discovered targeting macOS users. DeepSeek, a Chinese-developed AI chatbot, has rapidly gained popularity globally. Threat Actors started exploiting its popularity to deliver malware & infect users’ computers. This campaign is…
Azure Key Vault Vulnerabilities Could Leak Sensitive Data After Entra ID Breach
A detailed walkthrough demonstrates how attackers can manipulate Azure Key Vault’s access policies after compromising Entra ID (formerly Azure AD) credentials. According to Faran Siddiqui, a penetration tester report, a “Key Vault 06 – Abuse Decryption Key,” shed light on…
Cloudflare’s Data Pipeline Powered to Handle 700 Million Events Per Second
Cloudflare revealed how its data pipeline has achieved unprecedented scalability, processing up to 706 million events per second as of December 2024 representing a staggering 100x growth since 2018. This massive data flow, which peaks at 107 GiB/s of compressed…
PowerSchool Starts Notifying Students Following Massive Breach
PowerSchool, a leading U.S.-based education technology provider, has begun notifying students, teachers, and other affected individuals following a massive data breach that occurred in December 2024. The breach, which compromised sensitive personal information, is one of the largest cybersecurity incidents…
VMware Avi Load Balancer Vulnerability Let Attackers Gain Database Access
Broadcom disclosed a critical vulnerability affecting its Avi Load Balancer product. The vulnerability, identified as CVE-2025-22217, is an unauthenticated blind SQL injection vulnerability that could allow attackers with network access to execute specially crafted SQL queries to gain unauthorized access…
How SOC/DFIR Teams Prevent Ransomware Threats in Healthcare – A Case Study on Interlock Ransomware
Ransomware attacks targeting the healthcare sector have become increasingly challenging to manage due to financial losses and the risks posed to patient safety and operational continuity. Researchers at ANR.RUN analyze the impact of ransomware threats in healthcare, using the notorious…
EU Sanctioned Three Russian Hackers for Attacking Govt Agencies
The European Union today imposed sanctions on three Russian military intelligence officers for their involvement in a series of cyberattacks targeting Estonian government agencies in 2020. The individuals, identified as Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, are…
Hackers Stolen $85 Million Worth of Cryptocurrency from Phemex
Phemex, a cryptocurrency exchange based in Singapore, suffered a significant cyberattack that resulted in the theft of $85 million worth of digital assets. The platform’s hot wallets, which are linked to the internet for real-time transactions, were the primary target…
Vulnerabilities in Telecom Networks Let Hackers Gain Access to 3,000 Companies
Cybersecurity researchers have exposed critical vulnerabilities in a telecom network that allowed unauthorized access to sensitive data and control over 3,000 companies. The research revealed obvious vulnerabilities in the network’s backend APIs, authentication systems, and Know Your Customer (KYC) processes,…