Ivanti 0-Day Exploited for DslogdRAT & Web Shell
Threat actors have exploited a zero-day flaw in Ivanti Connect Secure (CVE-2025-0282) to install a web shell and a remote access trojan (DslogdRAT), according to JPCERT/CC. How DslogdRAT and the [...]
Commvault RCE Exploited, PoC Available
A major remote code execution (RCE) vulnerability, CVE-2025-34028, has been discovered in Commvault’s on-premise backup and recovery software, posing serious risks to enterprises and managed service providers worldwide. Commvault RCE [...]
NFC Exploited to Steal Funds from ATMs and POS
NFC Technology Abused in Global ATM and POS Fraud Cybercriminals, mainly from Chinese underground networks, are using NFC (Near Field Communication) technology to carry out large-scale fraud at ATMs and [...]
TP-Link Router Vulnerabilities Enable Malicious SQL Execution
Cybersecurity researchers have found critical SQL injection vulnerabilities in four TP-Link router models, which could allow attackers to bypass authentication, execute malicious commands, and potentially take control of the devices. [...]
Impersonated Dev Tools on npm/PyPI Used for Credential Theft
The Socket Threat Research Team has discovered three malicious open-source packages—two on PyPI and one on npm—designed to steal sensitive cryptocurrency data like mnemonic seed phrases and private keys. These [...]
Get Social