VulnHub

Veeam Software has issued patches for serious vulnerabilities in its Backup & Replication solution, including four critical remote code execution (RCE) flaws. These vulnerabilities could allow attackers to execute malicious code on affected backup servers, potentially leading to data breaches or system takeovers. Organizations using Veeam's software should prioritize applying these patches to safeguard their systems. The risks are particularly concerning for companies that rely on Veeam for data protection, as failing to address these vulnerabilities could leave sensitive data exposed. This incident serves as a reminder for all users of backup solutions to stay vigilant and ensure their software is up to date.

Authorities have dismantled a global proxy network known as SocksEscort, which had compromised routers and Internet of Things (IoT) devices across 163 countries. This botnet reportedly affected around 369,000 victims and generated approximately $5.8 million in revenue for its cybercriminal operators. The operation's scale demonstrates how widespread such threats can be, as compromised devices can facilitate various cybercrimes, including unauthorized access and data theft. The takedown is a significant step in combating the growing issue of botnets, which can put both individuals and organizations at risk. Users are advised to secure their devices and ensure they are not part of such networks.

Cybersecurity officials expressed concern about growing public indifference towards the Salt Typhoon hacking group, which is known for targeting telecommunications. They believe that this apathy is undermining efforts to implement stricter security regulations in the telecom sector. The group has been linked to various cyber attacks that could compromise sensitive data and disrupt services. Officials are urging the public and industry stakeholders to recognize the seriousness of the threat posed by these hackers. Without heightened awareness and action, they fear that vital security measures may not be adopted, leaving the telecom infrastructure vulnerable to future attacks.

In 2025, Google awarded over $17 million to 747 security researchers through its Vulnerability Reward Program (VRP) for reporting various security vulnerabilities. This initiative not only incentivizes researchers to identify and report bugs but also strengthens the overall security of Google's products and services. By paying for these reports, Google is actively encouraging contributions from the security community, which helps mitigate potential threats before they can be exploited. This program is essential for maintaining user trust and safeguarding sensitive information across the company's platforms. The financial commitment reflects the increasing importance of cybersecurity in the tech industry.

A criminal group operating an online fraud scheme in Germany has been dismantled, resulting in the arrest of three suspects. The operation, coordinated by Eurojust, took place on March 10, where authorities from Germany and France collaborated to apprehend the suspects. The main suspect, who was located in France, is currently in custody awaiting a court decision on whether he will be extradited to Germany. This fraud scheme is believed to have scammed victims out of approximately €1 million, raising concerns about the effectiveness of online security measures and the need for increased vigilance among internet users. The case underscores the ongoing threat of online scams and the importance of international cooperation in tackling cybercrime.

A serious SQL injection vulnerability (CVE-2026-2413) has been discovered in the Ally plugin for WordPress, which is currently used on over 400,000 websites. This flaw allows attackers to exploit the plugin without needing any authentication, potentially enabling them to access and steal sensitive data from affected sites. The vulnerability has a CVSS score of 7.5, indicating a high severity level. Security researchers at Acquia, including Drew Webber, identified this issue, raising concerns for site administrators who may not be aware of the risks. It's crucial for users of the Ally plugin to take immediate action to protect their sites from potential attacks.

Meta has taken significant action against scam operations by disabling over 150,000 accounts linked to scam centers in Asia. This initiative is part of a broader effort to combat online fraud, which has increasingly targeted users on social media platforms. By disrupting these centers, Meta aims to protect its users from scams that can lead to financial loss and identity theft. The company also launched new protection tools to enhance user safety and prevent future scams. This response reflects the growing challenge of online scams and the need for tech companies to actively safeguard their platforms.

This week's security bulletin covers several emerging threats that could impact users and organizations. A new OAuth vulnerability has been identified, which could allow attackers to hijack user sessions without their knowledge. Additionally, researchers have discovered a new phishing scheme targeting Signal users, which exploits the app's encryption features to trick individuals into revealing sensitive information. Another threat involves a technique dubbed 'Zombie ZIP,' where attackers use ZIP files to bypass security measures. Finally, an AI platform has been hacked, raising concerns about the security of machine learning systems. These incidents underline the need for vigilance and updated security practices to protect against evolving attack methods.

Splunk and Zoom recently addressed serious vulnerabilities in their software that could allow attackers to execute arbitrary shell commands or gain elevated privileges. These flaws are categorized as critical and high-severity, posing significant risks to users and organizations using these platforms. The vulnerabilities could potentially enable unauthorized access and control over systems, which is particularly concerning for businesses that rely on these tools for communication and data analysis. Users are urged to update their software immediately to mitigate these risks. Both companies have released patches to fix the issues, and it’s crucial for affected users to implement these updates as soon as possible.