Está aqui

InfoSec News 20250422

Publicado: Ter, 22/04/2025 - 14:55

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware

"The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

Abilene city, Texas, takes systems offline following a cyberattack

"Abilene, Texas, shut down systems after a cyberattack caused server issues. IT staff and experts are investigating the security incident."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

Over 50k WordPress Sites at Takeover Risk Via Vulnerable Plugin

"A critical vulnerability affecting the popular WordPress plugin Greenshift – animation and page builder blocks has come to light, potentially placing over 50,000 active websites at risk of full compromise."

Link

TLP¹ : Green

Critical CVE-2025-1976 Vulnerability in Brocade Fabric OS Actively Exploited

"A critical security vulnerability has been identified in Brocade Fabric OS, posing a significant risk to affected systems. The vulnerability, tracked as CVE-2025-1976, allows a local user with admin privileges to potentially execute arbitrary code with full root privileges."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

Get started as an ethical hacker with this $35 course bundle deal

"In an era of relentless data breaches, ransomware attacks, and digital espionage, cybersecurity professionals are no longer just reacting—they’re getting ahead of threats. Enter the white hat hacker: a security expert who thinks like an attacker to protect like a pro."

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

How I Used AI to Create a Working Exploit for CVE-2025-32433 Before Public PoCs Existed

"Writing the Proof of Concept for CVE-2025-32433"

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

Red:Not for disclosure, restricted to participants only.
Amber: Limited disclosure, restricted to participants organizations.
Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp

Infosec News

Análise / Investigações

Campanha Social Engineering

Analise ao Emotet

Campanha Smishing CTT

Campanha de Phishing BBVA

Campanha de phishing/ malware Millennium BCP

Newsletters

Para subscrever ou anular a subscrição da nossa newsletter InfoSec, seleccione a opção e preencha os campos abaixo.

CSIRT.MAI

InfoSec News 20250422

Top News

Researchers claim breakthrough in fight against AI’s frustrating security hole

Beware! New Malware Mimics as Cisco Webex Attacks Users in-the-wild

New Obfuscation Trick Lets Attackers Evade Antivirus and EDR Tools

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware

Breaches: Data Breaches and Hacks

Abilene city, Texas, takes systems offline following a cyberattack

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

Over 50k WordPress Sites at Takeover Risk Via Vulnerable Plugin

Critical CVE-2025-1976 Vulnerability in Brocade Fabric OS Actively Exploited

Incident Response: Infrastructure, Training, SIEM and Incident Handling

Get started as an ethical hacker with this $35 course bundle deal

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

How I Used AI to Create a Working Exploit for CVE-2025-32433 Before Public PoCs Existed