A critical security flaw, CVE-2025-24813, has been discovered in Apache Tomcat, a widely used web server and servlet container.
https://nvd.nist.gov/vuln/detail/CVE-2025-24813
#cybersecurity #vulnerability #apache #tomcat #rce #cve #update #patch
Researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco from Tarlogic Security discovered a hidden "backdoor" in the ESP32 chip, a microcontroller widely used in over a billion devices. This chip enables Bluetooth and Wi-Fi connections in gadgets like smart home devices, medical equipment, and more.
https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/
#cybersecurity #vulnerability #bluetooth #esp32 #backdoor #wifi #RootedCON2025 #tarlogicsecurity
Elastic, the company behind Kibana, has announced critical security updates to address a serious vulnerability in their software. This issue, labeled CVE-2025-25015, is rated 9.9 out of 10 on the severity scale, signaling an extremely high risk.
https://discuss.elastic.co/t/kibana-8-17-3-security-update-esa-2025-06/375441
Kibana arbitrary code execution via prototype pollution (ESA-2025-06)
Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions >= 8.15.0 and < 8.17.1, this is exploitable by users with the Viewer role. In Kibana versions 8.17.1 and 8.17.2, this is only exploitable by users that have roles that contain all the following privileges: fleet-all, integrations-all, actions:execute-advanced-connectors Affecte...
A newly discovered security vulnerability in the Vim text editor, identified as CVE-2025-27423, poses a serious risk for users. This flaw, found in Vim’s tar.vim plugin, could allow attackers to gain control of a user’s computer if a malicious TAR file is opened.
Vim’s tar.vim plugin is designed to help users view and edit TAR files (a type of compressed archive) directly in the text editor. Unfortunately, a recent update introduced an issue where filenames within these TAR files were not adequately checked or "sanitized." Cybercriminals can exploit this by crafting a specially designed TAR file to execute harmful commands on a victim's computer once the file is opened in Vim.
https://github.com/vim/vim/security/advisories/GHSA-wfmf-8626-q3r3
#cybersecurity #vulnerability #vim #tar #plugin #cve #code_execution #Ry0taK
VMware recently addressed several serious security flaws in their products, including ESXi, Workstation, and Fusion.
CVE-2025-22224: This critical flaw allows attackers to send malicious data to the system, causing it to behave unpredictably.
CVE-2025-22225: This vulnerability lets attackers write data into restricted areas of the system. By doing so, they can escape the virtual machine's sandbox (a protective barrier) and gain unauthorized access to the host system.
CVE-2025-22226: This flaw allows attackers to read sensitive information from the system's memory.
https://blogs.vmware.com/security/
#cybersecurity #vulnerability #cve #vmware #esxi #workstation #pro #player #fusion #cloud #heap_overflow
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious security flaw in some Cisco Small Business routers. These routers are used by small businesses to connect to the internet. The flaw, known as CVE-2023-20118, allows hackers to take control of the router and potentially access sensitive information on the network.
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
#cybersecurity #vulnerability #cisco #router #cisa #cve #RV016 #RV042 #RV042G #RV082 #RV320 #RV325
QR codes, those black-and-white squares you scan with your phone, are becoming a new tool for scammers. This type of scam is called "quishing," a mix of QR codes and phishing. Scammers use fake QR codes to trick people into giving away personal information or downloading harmful software.
Quishing works by placing fake QR codes in public places like parking meters, restaurants, or even on delivery packages. When someone scans the fake code, they are directed to a malicious website that looks real. This website might ask for personal details, like passwords or credit card numbers, or it might download malware onto the user's device.
One common scenario involves scammers putting fake QR codes on parking meters. When people scan these codes to pay for parking, they are redirected to a fake payment site that steals their payment information. Another example is scammers posing as utility companies or government agencies, sending fake QR codes in emails or text messages. Scanning these codes can lead to identity theft or financial loss.
Quishing is effective because people are often less cautious when scanning QR codes compared to clicking on suspicious links. To protect yourself, treat scanning a QR code like clicking on an unknown link.
https://hackread.com/rise-of-qr-phishing-how-scammers-exploit-qr-codes/
#cybersecurity #qr #qr_codes #quishing #phishing #scam #identity_theft
A new Linux malware, called Auto-Color, was discovered by cybersecurity researchers at Palo Alto Networks' Unit 42, a team specializing in analyzing and uncovering cyber threats. This malware (a backdoor) is a tool used by hackers to secretly gain access to computers running the Linux operating system, allowing them to carry out harmful activities while staying hidden.
Auto-Color is designed to be extremely stealthy. For example, it camouflages itself within the system and alters activity logs to make everything appear normal. It’s like an invisible burglar who not only sneaks into your digital “house” but also covers their tracks so you don’t notice their presence. This makes it difficult for security tools to detect and block its actions.
https://unit42.paloaltonetworks.com/new-linux-backdoor-auto-color/
#cybersecurity #malware #linux #backdoor #autocolor #paloaltonetworks #unit42
The new Linux malware named Auto-color uses advanced evasion tactics. Discovered by Unit 42, this article covers its installation, evasion features and more.
Imagine someone having access to every message you send, every photo you take, and knowing exactly where you are at all times. This isn't science fiction - it's happening right now to thousands of people.
#cybersecurity #spyware #spyzie #stalkerware #android #iphone #app #techcrunch
Two cybersecurity researchers recently uncovered a significant vulnerability in the FlyCASS system, which manages the Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs for airlines. This flaw could potentially allow unauthorized individuals to gain access to sensitive areas of airports and even fly in aircraft cockpits.
The researchers discovered that the FlyCASS login page was susceptible to a simple SQL injection attack. By inserting malicious SQL code into the username field, they were able to bypass the login system and gain administrative access to the database.
Once inside, they found they could add any name to the list of approved pilots and crew members without any additional checks. This meant anyone with basic knowledge of SQL injection could potentially log in and add themselves to the KCM and CASS lists.
https://www.theregister.com/2024/08/30/sql_injection_known_crewmember/
#cybersecurity #vulnerability #sql #sql_injection #attack #flycass #login #kcm #cass #airlines