03/16
03/17
03/18
9 Posts

Critical RCE flaw in Apache Tomcat actively exploited in attacks

https://www.bleepingcomputer.com/news/security/critical-rce-flaw-in-apache-tomcat-actively-exploited-in-attacks/
Critical RCE flaw in Apache Tomcat actively exploited in attacks
5 Posts

MalwareBazaar | SHA256 7444d08579781b3d7b233e9fd3e7f9b31a85837c29adf2f4ae7965a628078639 (SnakeKeylogger)

https://bazaar.abuse.ch/sample/7444d08579781b3d7b233e9fd3e7f9b31a85837c29adf2f4ae7965a628078639/
MalwareBazaar | SHA256 7444d08579781b3d7b233e9fd3e7f9b31a85837c29adf2f4ae7965a628078639 (SnakeKeylogger)
4 Posts

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

https://www.bleepingcomputer.com/news/security/fake-security-alert-issues-on-github-use-oauth-app-to-hijack-accounts/
Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts
4 Posts

Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs – Tinyhack.com

https://tinyhack.com/2025/03/13/decrypting-encrypted-files-from-akira-ransomware-linux-esxi-variant-2024-using-a-bunch-of-gpus/
Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs – Tinyhack.com
4 Posts

Off the Beaten Path: Recent Unusual Malware

https://unit42.paloaltonetworks.com/unusual-malware/
Off the Beaten Path: Recent Unusual Malware
4 Posts

LockBit Ransomware v4.0 | Chuong Dong

https://chuongdong.com/reverse%20engineering/2024/03/15/Lockbit4Ransomware/
LockBit Ransomware v4.0 | Chuong Dong
4 Posts

GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories

https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
4 Posts

Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts

https://www.bleepingcomputer.com/news/security/malicious-adobe-docusign-oauth-apps-target-microsoft-365-accounts/
Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts
3 Posts

Bypassing Authentication Like It’s The ‘90s - Pre-Auth RCE Chain(s) in Kentico Xperience CMS

https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rce-chain-s-in-kentico-xperience-cms/
Bypassing Authentication Like It’s The ‘90s - Pre-Auth RCE Chain(s) in Kentico Xperience CMS
3 Posts

Microsoft: March Windows updates mistakenly uninstall Copilot

https://www.bleepingcomputer.com/news/microsoft/microsoft-march-windows-updates-mistakenly-uninstall-copilot/
Microsoft: March Windows updates mistakenly uninstall Copilot
3 Posts

Microsoft: New RAT malware used for crypto theft, reconnaissance

https://www.bleepingcomputer.com/news/security/microsoft-new-rat-malware-used-for-crypto-theft-reconnaissance/
Microsoft: New RAT malware used for crypto theft, reconnaissance
3 Posts

Supply chain attack on popular GitHub Action exposes CI/CD secrets

https://www.bleepingcomputer.com/news/security/supply-chain-attack-on-popular-github-action-exposes-ci-cd-secrets/
Supply chain attack on popular GitHub Action exposes CI/CD secrets
3 Posts

Cross-site Scripting - YouTube

http://youtube.com/watch?v=vZoRn_j5jBM
Cross-site Scripting - YouTube
3 Posts

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions

https://thehackernews.com/2025/03/cybercriminals-exploit-css-to-evade.html
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions
3 Posts

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure

https://thehackernews.com/2025/03/apache-tomcat-vulnerability-comes-under.html
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
3 Posts

NIST Announces HQC as Fifth Standardized Post Quantum Algorithm - SecurityWeek

https://www.securityweek.com/nist-announces-hqc-as-fifth-standardized-post-quantum-algorithm/
NIST Announces HQC as Fifth Standardized Post Quantum Algorithm - SecurityWeek
3 Posts

100 Car Dealerships Hit by Supply Chain Attack - SecurityWeek

https://www.securityweek.com/100-car-dealerships-hit-by-supply-chain-attack/
100 Car Dealerships Hit by Supply Chain Attack - SecurityWeek
3 Posts

Nvidia Patches Vulnerabilities That Could Let Hackers Exploit AI Services - SecurityWeek

https://www.securityweek.com/nvidia-riva-vulnerabilities-allow-unauthorized-use-of-ai-services/
Nvidia Patches Vulnerabilities That Could Let Hackers Exploit AI Services - SecurityWeek
3 Posts

Denmark warns of increased state-sponsored campaigns targeting the European telcos

https://securityaffairs.com/175479/intelligence/denmark-warns-of-increased-state-sponsored-campaigns-targeting-the-european-telcos.html
Denmark warns of increased state-sponsored campaigns targeting the European telcos
3 Posts

Researcher trolls Microsoft over bug disclosure annoyance • The Register

https://go.theregister.com/feed/www.theregister.com/2025/03/17/microsoft_bug_report_troll/
Researcher trolls Microsoft over bug disclosure annoyance • The Register
3 Posts

OKX suspends DEX aggregator after Lazarus hackers try to launder funds

https://www.bleepingcomputer.com/news/security/okx-suspends-dex-aggregator-after-lazarus-hackers-try-to-launder-funds/
OKX suspends DEX aggregator after Lazarus hackers try to launder funds
3 Posts

CVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution

https://cvereports.com/cve-2025-24016-unsafe-deserialization-vulnerability-in-wazuh-leading-to-remote-code-execution/
CVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution