TECHZONE™
رفتن به کانال در Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
نمایش بیشتر595
مشترکین
اطلاعاتی وجود ندارد24 ساعت
-27 روز
-1130 روز
آرشیو پست ها
595
Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!
https://thehackernews.com/2025/03/top-3-ms-office-exploits-hackers-use-in.html
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office files are still one of the easiest ways into a victim’s system.
Here are the top three Microsoft Office-based exploits still making the rounds this year and what you need to know to avoid them.
1.
595
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
https://thehackernews.com/2025/03/150000-sites-compromised-by-javascript.html
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date.
"The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a full-screen overlay in the visitor's browser," c/side security analyst Himanshu
595
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
https://thehackernews.com/2025/03/cisa-flags-two-six-year-old-sitecore.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities are listed below -
CVE-2019-9874 (CVSS score: 9.8) - A deserialization vulnerability in the Sitecore.Security.AntiCSRF
595
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
https://thehackernews.com/2025/03/netapp-snapcenter-flaw-could-let-users.html
A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation.
SnapCenter is an enterprise-focused software that's used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to backup, restore, and clone data resources.
The vulnerability, tracked as
595
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
https://thehackernews.com/2025/03/new-sparrowdoor-backdoor-variants-found.html
The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor SparrowDoor and ShadowPad.
The activity, observed in July 2024, marks the first time the hacking crew has deployed ShadowPad, a malware widely shared by Chinese state-sponsored actors.
"FamousSparrow
595
Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks
https://thehackernews.com/2025/03/malicious-npm-package-modifies-local.html
Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply chain attacks targeting the open-source ecosystem.
The packages in question are ethers-provider2 and ethers-providerz, with the former downloaded 73 times to date since it was published on
595
Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience
https://thehackernews.com/2025/03/sparring-in-cyber-ring-using-automated.html
“A boxer derives the greatest advantage from his sparring partner…”
— Epictetus, 50–135 AD
Hands up. Chin tucked. Knees bent. The bell rings, and both boxers meet in the center and circle. Red throws out three jabs, feints a fourth, and—BANG—lands a right hand on Blue down the center.
This wasn’t Blue’s first day and despite his solid defense in front of the mirror, he feels the pressure.
595
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
https://thehackernews.com/2025/03/encrypthub-exploits-windows-zero-day-to.html
The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and information stealers such as Rhadamanthys and StealC.
"In this attack, the threat actor manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and execute malicious payload,
595
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
https://thehackernews.com/2025/03/redcurl-shifts-from-espionage-to.html
The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor's tradecraft.
The activity, observed by Romanian cybersecurity company Bitdefender, involves the deployment of a never-before-seen ransomware strain dubbed QWCrypt.
RedCurl, also called Earth Kapre and Red Wolf, has a history of orchestrating
595
How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More
https://thehackernews.com/2025/03/how-pam-mitigates-insider-threats.html
When people think of cybersecurity threats, they often picture external hackers breaking into networks. However, some of the most damaging breaches stem from within organizations. Whether through negligence or malicious intent, insiders can expose your organization to significant cybersecurity risks.
According to Verizon's 2024 Data Breach Investigations Report, 57% of companies experience over
595
Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms
https://thehackernews.com/2025/03/hackers-using-e-crime-tool-atlantis-aio.html
Threat actors are leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks, according to findings from Abnormal Security.
Atlantis AIO "has emerged as a powerful weapon in the cybercriminal arsenal, enabling attackers to test millions of stolen credentials in rapid succession," the cybersecurity company said in an analysis.
Credential stuffing is a
595
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
https://thehackernews.com/2025/03/zero-day-alert-google-releases-chrome.html
Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia.
The vulnerability, tracked as CVE-2025-2783, has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo refers to a
595
New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround
https://thehackernews.com/2025/03/new-security-flaws-found-in-vmware.html
Broadcom has issued security patches to address a high-severity security flaw in VMware Tools for Windows that could lead to an authentication bypass.
Tracked as CVE-2025-22230, the vulnerability is rated 7.8 on the ten-point Common Vulnerability Scoring System (CVSS).
"VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control," Broadcom said in an
595
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
https://thehackernews.com/2025/03/researchers-uncover-200-unique-c2.html
A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin.
"Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia," Silent Push said in a report shared with The
595
Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years
https://thehackernews.com/2025/03/chinese-hackers-breach-asian-telecom.html
A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident response firm Sygnia.
The cybersecurity company is tracking the activity under the name Weaver Ant, describing the threat actor as stealthy and highly persistent. The name of the telecom provider was not
595
AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface
https://thehackernews.com/2025/03/ai-powered-saas-security-keeping-pace.html
Organizations now use an average of 112 SaaS applications—a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microsoft 365 SaaS-to-SaaS connections on average per deployment. And that’s just one major SaaS provider.
595
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
https://thehackernews.com/2025/03/hackers-use-net-maui-to-target-indian.html
Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media apps targeting Indian and Chinese-speaking users.
"These threats disguise themselves as legitimate apps, targeting users to steal sensitive information," McAfee Labs researcher Dexter Shin said.
.NET
595
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust
https://thehackernews.com/2025/03/interpol-arrests-306-suspects-seizes.html
Law enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between November 2024 and February 2025.
The coordinated effort "aims to disrupt and dismantle cross-border criminal networks which cause significant harm to individuals and businesses," INTERPOL said, adding it
595
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html
A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet.
The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of
595
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
https://thehackernews.com/2025/03/microsoft-adds-inline-data-protection.html
Microsoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for Business web browser.
The native data security control is designed to prevent employees from sharing sensitive company-related data into consumer generative artificial intelligence (GenAI) apps like OpenAI ChatGPT, Google Gemini, and DeepSeek. The list will be expanded over time to
اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
