VulnHub

AI-Powered Cybersecurity Intelligence


Latest Intelligence

SecurityWeek
In Other News: Prison for Disney Hacker, MITRE ATT&CK v17, Massive DDoS Botnet

A former Disney employee has been sentenced to prison for hacking the company, highlighting the ongoing issues of insider threats in cybersecurity. Additionally, MITRE has released ATT&CK v17, a significant update to its framework, and a massive DDoS botnet has been identified, comprising 1.3 million devices, raising concerns about the scale of such attacks.


Impact: Not specified

In the Wild: Unknown

Age: Recently disclosed

Remediation: None available


SecurityWeek
South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days

South Korean companies have been targeted in a Lazarus campaign known as Operation SyncHole, utilizing watering hole attacks and zero-day vulnerabilities. This campaign highlights the ongoing threat posed by sophisticated cyber espionage groups.


Impact: Not specified

In the Wild: Yes

Age: Recently disclosed

Remediation: Implement security measures against watering hole attacks, monitor for unusual activity.

Zero-day


SecurityWeek
RSA Conference 2025 – Pre-Event Announcements Summary (Part 2)

The RSA Conference 2025 in San Francisco will feature hundreds of companies presenting their latest cybersecurity products and services. This event is significant as it showcases advancements in the cybersecurity industry and highlights emerging threats and solutions.


Impact: Not specified

In the Wild: Unknown

Age: Not specified

Remediation: Not specified


The Hacker News
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers

A critical vulnerability in SAP NetWeaver is suspected to be exploited by threat actors to upload JSP web shells, enabling unauthorized file uploads and code execution. This issue may be linked to a previously disclosed vulnerability or an unreported remote file inclusion issue.


Impact: SAP NetWeaver

In the Wild: Yes

Age: Recently disclosed

Remediation: Apply patches, monitor for suspicious activity.

CVE Zero-day Vulnerability


The Hacker News
Why NHIs Are Security's Most Dangerous Blind Spot

The article highlights the rising threat posed by Non-Human Identities (NHIs) in cybersecurity, particularly focusing on the security risks associated with Service Accounts. As NHIs grow in prevalence, they represent a significant blind spot for security teams, necessitating urgent attention and action.


Impact: Service Accounts

In the Wild: Unknown

Age: Not specified

Remediation: None available


Securelist
Triada strikes back

Kaspersky experts have identified a new version of the Triada Trojan, which includes custom modules targeting popular applications such as Telegram, WhatsApp, and TikTok. This development highlights the evolving tactics of malware developers and the persistent threat they pose to mobile users.


Impact: Telegram, WhatsApp, TikTok, and other unspecified apps

In the Wild: Unknown

Age: Recently discovered

Remediation: Monitor app permissions, update security software, and exercise caution with app downloads.


SecurityWeek
SAP Zero-Day Possibly Exploited by Initial Access Broker

A zero-day vulnerability in SAP NetWeaver has been identified, potentially impacting over 10,000 internet-facing applications. This vulnerability poses a significant security risk as it may be exploited by initial access brokers.


Impact: SAP NetWeaver

In the Wild: Unknown

Age: Recently disclosed

Remediation: Vendor advisory pending

Zero-day Vulnerability


SecurityWeek
All Major Gen-AI Models Vulnerable to ‘Policy Puppetry’ Prompt Injection Attack

A new attack technique called Policy Puppetry has been identified, which can compromise major generative AI models, leading to the generation of harmful outputs. This vulnerability highlights significant security risks associated with AI systems.


Impact: Major generative AI models

In the Wild: Unknown

Age: Recently disclosed

Remediation: Vendor advisory pending

Vulnerability


WeLiveSecurity
Deepfake 'doctors' take to TikTok to peddle bogus cures

AI-generated deepfake 'doctors' on TikTok are misleading users by promoting dubious health supplements, taking advantage of public trust in medical professionals. This trend raises significant concerns about misinformation and potential health risks associated with unverified treatments.


Impact: Not specified

In the Wild: Yes

Age: Recently disclosed

Remediation: Increase public awareness about misinformation, promote critical evaluation of health advice on social media.

Exploit


The Hacker News
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Researchers have identified three vulnerabilities in the Rack Ruby web server interface that could allow attackers to access files, inject malicious data, and manipulate logs. This poses a significant risk to the security of Ruby-based applications and servers.


Impact: Rack Ruby web server interface

In the Wild: Unknown

Age: Recently disclosed

Remediation: Apply patches as they become available.

CVE Vulnerability Data Breach


The Hacker News
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks

Cybersecurity researchers have identified a new malware, DslogdRAT, which was deployed through the exploitation of a zero-day vulnerability (CVE-2025-0282) in Ivanti Connect Secure. This malware was used in targeted attacks against organizations in Japan in late 2024, highlighting the ongoing threat posed by such vulnerabilities.


Impact: Ivanti Connect Secure (ICS)

In the Wild: Yes

Age: Discovered in December 2024

Remediation: Apply the latest security patches provided by Ivanti.

CVE Zero-day Vulnerability


darkreading
[Virtual Event] Anatomy of a Data Breach: And what to do if it happens to you

The event 'Anatomy of a Data Breach' focuses on the significant impact of data breaches on organizations and provides guidance on how to respond effectively if one occurs. Understanding the anatomy of a data breach is crucial for enhancing cybersecurity measures and mitigating potential damage.


Impact: Not specified

In the Wild: Unknown

Age: Not specified

Remediation: Not specified

Data Breach


darkreading
'SessionShark' ToolKit Evades Microsoft Office 365 MFA

The 'SessionShark' toolkit claims to provide educational resources but effectively enables users to bypass Microsoft Office 365's multi-factor authentication (MFA), posing significant security risks. This tool highlights the ongoing challenges in securing cloud services against unauthorized access.


Impact: Microsoft Office 365

In the Wild: Unknown

Age: Recently disclosed

Remediation: Implement stronger MFA measures, educate users on security practices.

Microsoft


darkreading
Digital Twins Bring Simulated Security to the Real World

Digital twins enable companies to simulate their business environments and assess the effects of software changes or disruptions using real-time data. This approach enhances security by allowing organizations to proactively identify vulnerabilities and implement effective measures before real-world impacts occur.


Impact: Not specified

In the Wild: Unknown

Age: Not specified

Remediation: Not specified


darkreading
Max-Severity Commvault Bug Alarms Researchers

A high-severity vulnerability in Commvault software has been patched but poses significant risks due to the privileged access it grants to attackers, potentially compromising critical business systems and sensitive data. This issue highlights the importance of timely updates and security measures in enterprise environments.


Impact: Commvault software

In the Wild: Unknown

Age: Already patched

Remediation: Apply patches provided by the vendor.

Vulnerability
