Latest Cybersecurity Threats

Real-time threat intelligence from trusted sources

ASUS has issued a firmware update to address nine security vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud functionality. This flaw poses a significant risk as it could allow unauthorized access to the routers, potentially compromising user data and network security.

Impact: ASUS routers with AiCloud enabled
Remediation: Firmware update provided by ASUS; specific patch version not mentioned.

The OnSolve CodeRED platform has suffered a ransomware attack by the Inc Ransom group, leading to significant disruptions and a data breach affecting local emergency alert systems across the United States. This incident highlights the vulnerabilities in critical communication infrastructures and the potential risks to public safety.

Impact: OnSolve CodeRED platform
Remediation: N/A

A cyberattack on the OnSolve CodeRED alert platform has disrupted emergency notification services utilized by various U.S. state and local governments, police, and fire agencies. This incident highlights the vulnerabilities in critical communication systems that are essential for public safety during emergencies.

Impact: OnSolve CodeRED emergency alert system
Remediation: N/A

The article highlights the risks associated with using community-maintained tools like Chocolatey and Winget for system updates. While these tools offer convenience for IT teams, their open nature allows anyone to modify packages, potentially exposing systems to vulnerabilities. This duality presents a significant challenge for maintaining security while leveraging community resources.

Impact: Chocolatey, Winget
Remediation: Regularly review and validate community packages before use; implement additional security measures to monitor for vulnerabilities.

A malicious Chrome extension named Crypto Copilot has been identified, capable of injecting hidden Solana transfer fees into swap transactions, redirecting funds to an attacker's wallet. This poses a significant threat to users engaging in cryptocurrency transactions on the Raydium platform, highlighting the need for vigilance against browser-based threats.

Impact: Chrome Web Store, Crypto Copilot extension, Raydium swaps, Solana transactions
Remediation: Users should remove the Crypto Copilot extension from their browsers and monitor their cryptocurrency transactions for unauthorized transfers. Regularly updating browser security settings and using trusted extensions are also recommended.

The newly identified vulnerability known as 'HashJack' poses a significant threat by allowing attackers to compromise websites that interact with AI browsers. This could lead to malicious exploitation, affecting user security and trust in web applications.

Impact: Websites that utilize AI browsers
Remediation: Implement security measures to validate and sanitize user inputs, and monitor for unusual activity on websites interacting with AI systems.

The article highlights the ongoing exploitation of NTLM-related vulnerabilities, such as NTLM relay and credential forwarding, in 2025. These vulnerabilities pose significant security risks, indicating a need for urgent attention from cybersecurity professionals to mitigate potential attacks.

Impact: N/A
Remediation: Implement security best practices for NTLM, disable NTLM where possible, and monitor for suspicious authentication activities.

Opti, a cybersecurity startup, has successfully raised $20 million in seed funding aimed at enhancing its identity security platform. The funding will support product expansion and facilitate global growth, highlighting the increasing importance of identity security in the cybersecurity landscape.

Impact: N/A
Remediation: N/A

The RomCom malware has been distributed using a JavaScript loader called SocGholish, targeting a U.S.-based civil engineering company to deliver the Mythic Agent. This marks the first instance of RomCom being deployed via SocGholish, highlighting a significant development in the tactics of threat actors.

Impact: U.S.-based civil engineering company
Remediation: N/A

Dartmouth College has confirmed a significant data breach involving the theft of over 226 Gb of files by cybercriminals. This incident highlights the increasing risks associated with data security in educational institutions and raises concerns about the potential exposure of sensitive information.

Impact: Dartmouth College, Oracle systems
Remediation: N/A

DeepTeam is an open-source framework designed to test large language models for vulnerabilities before they are deployed to users. By simulating attacks and evaluating outcomes, it aims to enhance the security of these models, addressing the urgent need for effective red teaming methods in the rapidly evolving landscape of AI. This tool provides security teams with a proactive approach to identifying weaknesses in language models.

Impact: Large language models
Remediation: Use DeepTeam framework for testing and evaluating language models

Iran is utilizing cyber capabilities to enhance the effectiveness of its missile attacks on maritime and land targets. This approach of 'cyber-enabled kinetic targeting' indicates a significant evolution in warfare tactics, raising concerns about the implications for global security and the potential for increased conflict.

Impact: N/A
Remediation: N/A

The FBI has reported a significant increase in account takeover (ATO) fraud, with cybercriminals impersonating financial institutions to steal money and sensitive information. This issue poses a serious threat to individuals and organizations across various sectors, leading to losses exceeding $262 million.

Impact: Financial institutions, individuals, businesses, organizations
Remediation: Individuals and organizations should implement strong authentication measures, monitor accounts for unusual activity, and educate employees about phishing tactics.

The article discusses the emergence of underground AI models designed for hacking, featuring tier-based subscriptions and hacker-specific training datasets. These tools, which are being marketed with playful personalities, represent a significant threat as they could lower the barrier to entry for cybercriminals and enhance their capabilities in conducting cyber attacks.

Impact: Custom AI hacking tools
Remediation: N/A