Security Affairs
"JPCERT/CC reports widespread exploitation of Array Networks AG Gateway vulnerability."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 05 December 2025, 2317 UTC.
Content and Source via email subscription from https://feedly.com.
https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed
Please check email link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
by Pierluigi Paganini / 9h
Array Networks AG gateways have been under active exploitation since August 2025 due to a command injection flaw, JPCERT/CC warns. A command injection flaw in Array Networks AG Series gateways, affecting DesktopDirect, has been exploited in the wild since August 2025; it was patched in May 2025. An attacker can exploit the flaw to execute arbitrary commands. “The DesktopDirect function of the Arr
by Pierluigi Paganini / 11h
CISA details BRICKSTORM, a China-linked backdoor used by China-linked APTs to secure long-term persistence on compromised systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed technical details on BRICKSTORM, a backdoor used by China state-sponsored threat actors to gain and maintain long-term persistence on compromised systems, highlighting ongoing PRC cyber-es
Cloudflare blocked a record 29.7 Tbps DDoS attack from the AISURU botnet. The 69-second attack set a new high, though the target remains undisclosed. Cloudflare stopped a record 29.7 Tbps DDoS attack from the AISURU botnet, a 69-second barrage that set a new volume record. The cybersecurity firm did not disclose the name of the targeted organization. Cloudflare’s Q3 2025 DDoS Threat Report highl
Yesterday
by Pierluigi Paganini / 1d
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw, tracked as CVE-2021-26828 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is an unrestricted upload of file with dan
Hackers breached fintech firm Marquis, stealing personal and financial data, the security breach impacted over 780,000 people. Hackers breached fintech firm Marquis and stole personal and financial data, including names, addresses, SSNs, and card numbers, impacting over 780,000 people. Marquis is a Texas-based fintech and software firm that provides data-driven marketing, customer data platforms,
by Pierluigi Paganini / 1d
ASUS confirms a third-party breach after Everest leaks sample data. Hackers also claim ArcSoft and Qualcomm. ASUS says a third-party breach exposed data after Everest ransomware leaked samples, claiming they have hacked ASUS, ArcSoft, and Qualcomm. ASUS says a supplier breach exposed some phone camera source code but did not affect products, internal systems, or user data. The company is reinforc
Dec 3, 2025
by Pierluigi Paganini / 2d
Hackers are exploiting a King Addons flaw (CVE-2025-8489) that lets anyone register and instantly gain admin privileges on WordPress sites. Hackers are exploiting a critical vulnerability, tracked as CVE-2025-8489 (CVSS score of 9.8), in the WordPress plugin King Addons for Elementor that allows unauthenticated users to create admin accounts via a registration privilege bug. King Addons for Eleme
The University of Pennsylvania and the University of Phoenix confirm they were hit in the Oracle E-Business Suite hacking campaign. The University of Pennsylvania (Penn) and the University of Phoenix confirmed they were hit in the recent cyberattack targeting Oracle E-Business Suite customers. Penn explained that it uses Oracle’s E-Business Suite (EBS) platform for supplier payments, reimbursemen
by Pierluigi Paganini / 2d
Researchers exposed a Lazarus scheme using remote IT workers tied to North Korea’s Famous Chollima APT group in a joint investigation. Researchers filmed Lazarus APT group’s remote-worker scheme in action, uncovering a North Korean network of IT contractors linked to the Famous Chollima unit, TheHackerNews reported. Recently, multiple cybersecurity firms and government agencies observed North Ko
Dec 2, 2025
India ordered messaging apps to work only with active SIM cards linked to users’ phone numbers to curb fraud and misuse. India’s Department of Telecommunications (DoT) now requires providers of messaging apps to work only with active SIM cards linked to users’ numbers to prevent fraud and misuse. “The Department of Telecommunications (DoT) has observed that some of the App Based Communication Ser
by Pierluigi Paganini / 3d
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Framework flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Android Framework flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-48572 Android Framework Privilege Escalation Vulnerability C
by Pierluigi Paganini / 3d
Iran-linked threat actor MuddyWater targeted multiple Israeli sectors with a new MuddyViper backdoor in recent attacks. ESET researchers uncovered a new MuddyWater campaign targeting Israeli organizations and one confirmed Egyptian target. The Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) deployed custom tools to evade defenses and ma
Valid Accounts (Enterprise T1078)
by Pierluigi Paganini / 3d
Coupang disclosed a five-month data breach that exposed the personal information of nearly 34 million South Korean customers. South Korean e-commerce giant disclosed a data breach affecting nearly 34 million customers, exposing personal information over a period of more than five months. “According to the investigation so far, it is believed that unauthorized access to personal information began
by Pierluigi Paganini / 3d
Google’s latest Android security update fixes 107 flaws across multiple components, including two vulnerabilities actively exploited in the wild. Google’s new Android update patches 107 vulnerabilities, including two already exploited in the wild, across system, kernel, and major vendor components. December’s Android update offers two patch levels (12-01, 12-05) for faster fixes across devices. T
Dec 1, 2025
Authorities seized $29M in Bitcoin after takedown of Cryptomixer, a service used to launder cybercrime proceeds. Europol announced the seizure of $29M in Bitcoin after shutting down Cryptomixer, a crypto-mixing service used for cybercrime and money laundering. The Europol reported that since its creation in 2016, Cryptomixer mixed over EUR 1.3 billion in Bitcoin. The service has been targeted as
Australian Michael Clapsis got 7 years and 4 months in prison for Wi-Fi attacks at airports and on flights, stealing sensitive data. Australian man Michael Clapsis (44) was sentenced to 7 years and 4 months in prison for conducting Wi-Fi attacks at airports and on flights, stealing sensitive information, according to the Australian Federal Police (AFP). “A Perth hacker who stole intimate videos f
Albiriox is new Android MaaS malware enabling on-device fraud and real-time control. It targets 400+ banking, fintech, crypto, and payment apps. Albiriox is a new Android malware sold under a malware-as-a-service model on Russian‑speaking cybercrime forums. It provides advanced capabilities for on-device fraud, screen manipulation, and real-time interaction with infected devices. It also include
Nov 30, 2025
by Pierluigi Paganini / 4d
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw, tracked as CVE-2021-26829 (CVSS score of 5.4), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a cross-site scripting (XSS) flaw that imp
by Pierluigi Paganini / 5d
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Morphisec Th
by Pierluigi Paganini / 5d
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers stole member data from French Soccer Federation Thousands of sensitive secrets published on JSONFormatter and CodeBeautify New Mirai varia
Nov 29, 2025
North Korea-linked actors behind Contagious Interview uploaded 197 new malicious npm packages to distribute a new OtterCookie malware version. North Korea-linked threat actors added 197 new malicious npm packages to spread updated OtterCookie malware as part of the ongoing Contagious Interview campaign, cybersecurity firm Socket warns. The Contagious Interview campaign, active since November 202