Chinese cyberspies backdoor Juniper routers for stealthy access
https://www.bleepingcomputer.com/news/security/chinese-cyberspies-backdoor-juniper-routers-for-stealthy-access/
Microsoft: Recent Windows updates make USB printers print random text
https://www.bleepingcomputer.com/news/microsoft/microsoft-usb-printers-print-random-text-after-recent-windows-updates/
Lingua Diabolis | Analysis of CVE-2025-24813 Apache Tomcat Path Equivalence RCE
https://scrapco.de/blog/analysis-of-cve-2025-24813-apache-tomcat-path-equivalence-rce.html
Mozilla warns users to update Firefox before certificate expires
https://www.bleepingcomputer.com/news/software/mozilla-warns-users-to-update-firefox-before-certificate-expires/
New North Korean Android spyware slips onto Google Play
https://www.bleepingcomputer.com/news/security/new-north-korean-android-spyware-slips-onto-google-play/
CISA: Medusa ransomware hit over 300 critical infrastructure orgs
https://www.bleepingcomputer.com/news/security/cisa-medusa-ransomware-hit-over-300-critical-infrastructure-orgs/
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday – Krebs on Security
https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/
Saudi Arabia Buys Pokémon Go, and Probably All of Your Location Data
https://www.404media.co/saudi-arabia-buys-pokemon-go-and-probably-all-of-your-location-data/
[JSAC2025] China-aligned PlushDaemon APT compromises supply chain of Korean VPN - Japanese - - YouTube
https://www.youtube.com/watch?v=QysGnVjXrfo&list=PLgEi6O-lWUIaz2-gaWWBjqHvtdIQtOwDE![[JSAC2025] China-aligned PlushDaemon APT compromises supply chain of Korean VPN - Japanese - - YouTube](/image/screenshot/6de5b143ad536d9ea072b63fd3aaf8cf.webp)
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack
https://thehackernews.com/2025/03/over-400-ips-exploiting-multiple-ssrf.html
North Korean Lazarus hackers infect hundreds via npm packages
https://www.bleepingcomputer.com/news/security/north-korean-lazarus-hackers-infect-hundreds-via-npm-packages/
Microsoft patches Windows Kernel zero-day exploited since 2023
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-windows-kernel-zero-day-exploited-since-2023/
Lazarus Group Hid Backdoor in Fake npm Packages in Latest Attack
https://hackread.com/lazarus-group-backdoor-fake-npm-packages-attack/
Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks
https://www.bleepingcomputer.com/news/apple/apple-fixes-webkit-zero-day-exploited-in-extremely-sophisticated-attacks/
Lexfo's security blog - Pre-authentication SQL injection to RCE in GLPI (CVE-2025-24799/CVE-2025-24801)
https://blog.lexfo.fr/glpi-sql-to-rce.html
Exploiting Reversing (ER) series: article 05 | Hyper-V (part 01) – Exploit Reversing
https://exploitreversing.com/2025/03/12/exploiting-reversing-er-series-article-05/
http://redsiege.com/wedoff
http://redsiege.com/wedoff
AI Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution | Trend Micro (US)
https://www.trendmicro.com/en_us/research/25/c/ai-assisted-fake-github-repositories.html