Search
Login
Register
Menu
HOME
Current Articles
|
Archives
|
Search
11
WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor
Master Code Fu
posted on December 11, 2025 12:34
An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag since 2020. Palo Alto Networks is tracking the activity cluster under the name Ashen Lepus. Artifacts uploaded to the VirusTotal platform show that the threat actor has trained its sights
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
11
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks
Master Code Fu
posted on December 11, 2025 12:34
A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrite in the file update API of the Go-based self-hosted Git service. A fix for the issue is said to be currently in the
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
11
Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw
Master Code Fu
posted on December 11, 2025 12:34
Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID "466192044." Unlike other disclosures, Google has opted to keep information about the CVE identifier, the affected component, and
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
11
Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution
Master Code Fu
posted on December 11, 2025 12:34
Huntress is warning of a new actively exploited vulnerability in Gladinet's CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations so far. "Threat actors can potentially abuse this as a way to access the web.config file, opening the door for deserialization and remote code execution," security researcher Bryan Masters said.
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
11
React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors
Master Code Fu
posted on December 11, 2025 12:34
React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware families, according to new findings from Huntress. This includes a Linux backdoor called PeerBlight, a reverse proxy tunnel named CowTunnel, and a Go-based
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
Page 1 of 10
First
Previous
[1]
2
3
4
5
6
7
8
9
10
Next
Last