2025 and Security - Information Management Today

Authentication bypass CVE-2025-22230 impacts VMware Windows Tools

Security Affairs

MARCH 26, 2025

Broadcom addressed a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230, in VMware Tools for Windows. Broadcom released security updates to address a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230 (CVSS score 9.8), impacting VMware Tools for Windows.

Authentication

Authentication Cloud Access Security

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Williams Brandon Williams , CTO, Conversant Group Predictions for 2025 point to attack speeds increasing by up to 100X, necessitating faster detection and response times. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard.

Security

Security Phishing IoT Risk

Gladinet flaw CVE-2025-30406 actively exploited in the wild

Security Affairs

APRIL 15, 2025

Huntress reports active exploitation of Gladinet CVE-2025-30406 in the wild, affecting seven organizations and 120 endpoints. Security researchers at Huntress warn of attacks in the wild exploiting a critical vulnerability, tracked as CVE-2025-30406 , in Gladinet CentreStack and Triofox software.

Cybersecurity

Cybersecurity Risk Security IT

Webinars

Automation, Evolved: Your New Playbook for Smarter Knowledge Work

MORE WEBINARS

Google fixed the first actively exploited Chrome zero-day since the start of the year

Security Affairs

MARCH 26, 2025

Google has released out-of-band fixes to address a high-severity security vulnerability, tracked as CVE-2025-2783 , in Chrome browser for Windows. Kaspersky researchers Boris Larin (@oct0xor) and Igor Kuznetsov (@2igosha) reported the vulnerability on March 20, 2025. ” reads the advisory published by Google.

Libraries

Libraries Communications Security IT

CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware

Security Affairs

APRIL 4, 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) reported three cyberattacks in March 2025 targeting Ukrainian agencies and infrastructure to steal sensitive data. Notably, from 2025 onwards, the screenshot functionality shifted to being powered by PowerShell. This activity is tracked under the identifier UAC-0219.

Government

Government Information Security IT Security

Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days

Security Affairs

JANUARY 22, 2025

Trend Micros Zero Day Initiative (ZDI) announced that $380K was awarded on Day 1 of Pwn2Own Automotive 2025. Trend Micros Zero Day Initiative (ZDI) announced that over $380,000 was awarded on Day 1 of Pwn2Own Automotive 2025, a hacking contest that was held in Tokyo. That wraps up Day 1 of #Pwn2Own Automotive 2025!

Information Security

Information Security IT Security

DHS Warns Election Security Risks May Persist Into 2025

Data Breach Today

OCTOBER 7, 2024

DHS Says Adversaries May Stoke Voter Fraud Fears Long After Election Day The latest Homeland Security threat assessment lists this year’s election cycle as a top concern for 2025 and a potential trigger for domestic terrorism.

Risk

Risk Security

China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March

Security Affairs

APRIL 3, 2025

Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457. and earlier), Pulse Connect Secure 9.x

Security

Security Cybersecurity IT Information Security

News alert: SquareX to present on uncovering data splicing attacks at BSides San Francisco 2025

The Last Watchdog

APRIL 16, 2025

16, 2025, CyberNewswire — SquareX researchers Jeswin Mathai and Audrey Adeline will be disclosing a new class of data exfiltration techniques at BSides San Francisco 2025. DLP is a core pillar of every enterprise security stack. She is also a published author of The Browser Security Field Manual.

Cloud

Cloud Ransomware Cybersecurity Data breaches

Broadcom fixed information disclosure flaws in VMware Aria Operations

Security Affairs

JANUARY 31, 2025

Broadcom addressed the following vulnerabilities in VMware Aria Operations and Aria Operations for Logs: CVE-2025-22218 (CVSS score 8.5) CVE-2025-22219 (CVSS score: 6.8) CVE-2025-22220 (CVSS score: 4.3) – is a privilege escalationvulnerability. CVE-2025-22222 (CVSS score: 7.7) VMware Aria Operations Version 8.18.3

Authentication

Authentication Cloud Cybersecurity Access

A flaw in Verizon’s iOS Call Filter app exposed call records of millions

Security Affairs

APRIL 5, 2025

The researchers Evan Connelly reported the flaw to Verizon on February 22, 2025, the vulnerability was addressed in mid-March. Since Cequints own website is down, concerns arise about how much user data this lesser-known company holdsand how securely it’s managed. ” warned the expert.

Metadata

Metadata Risk Passwords Authentication

SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild

Security Affairs

JANUARY 24, 2025

SonicWall is waring customers of a critical security vulnerability, tracked as CVE-2025-23006 (CVSS score of 9,8) impacting its Secure Mobile Access (SMA) 1000 Series appliances. Refer to the SMA1000 Administration Guide, section – Best Practices for Securing the Appliance.” ” reads the advisory.

Authentication

Authentication Access Passwords Security

ASUS routers with AiCloud vulnerable to auth bypass exploit

Security Affairs

APRIL 18, 2025

ASUS warns of an authentication bypass vulnerability, tracked as CVE-2025-2492 (CVSS v4 score: 9.2), which impacts routers with AiCloud enabled. ” reads the ASUS Product Security Advisory. ” The Taiwanese multinational company recommends users to regularly check their devices and security settings to stay protected.

Authentication

Authentication Passwords Access Security

Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks

Security Affairs

APRIL 11, 2025

The security firm pointed out that no known vulnerability has been exploited, but monitoring and analysis continue. ” Recently, the threat intelligence firm GreyNoise reported a spike in login scanning targeting PAN-OS GlobalProtect portals starting March 17, 2025, peaking at 23,958 unique IPs. . ” concludes GreyNoise.

Passwords

Passwords Access Security IT

U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

JANUARY 24, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SMA1000 vulnerability to its Known Exploited Vulnerabilities catalog. This week, SonicWall warned customers of a critical security vulnerability, tracked as CVE-2025-23006 (CVSS score of 9,8) impacting its Secure Mobile Access (SMA) 1000 Series appliances.

IT

IT Authentication Cybersecurity Access

U.S. CISA adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 12, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds six Microsoft Windowsflaws to its Known Exploited Vulnerabilities catalog. CVE-2025-24984 (CVSS 4.6): An NTFS information disclosure flaw that lets attackers with physical access and a malicious USB device read portions of heap memory. A few days ago, U.S.

IT

IT Cybersecurity Access Security

Apple backported fixes for three actively exploited flaws to older devices

Security Affairs

APRIL 2, 2025

The three vulnerabilities are: CVE-2025-24085 (CVSS score: 7.3) – In January, Apple released security updates to address 2025s first zero-day vulnerability, tracked as CVE-2025-24085 , actively exploited in attacks targeting iPhone users. Apples USB Restricted Mode is a security feature introduced in iOS 11.4.1

Security

Security Access IT Information Security

7 password rules security experts live by in 2025 - the last one might surprise you

Collaboration 2.0

APRIL 4, 2025

What makes a password strong in 2025? How long should it be, and how often should you update it? Here's the latest recommendations from top cybersecurity experts.

Passwords

Passwords Cybersecurity Security IT

Government contractor Conduent disclosed a data breach

Security Affairs

APRIL 16, 2025

The business services provider Conduent told the SEC a January cyberattack exposed personal data, including names and Social Security numbers. The business services provider Conduent revealed that personal information, including names and Social Security numbers, was stolen in a January cyberattack.

Data breaches

Data breaches Government Business Services Personal data

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Security Affairs

MARCH 24, 2025

Medusa ransomware uses a malicious Windows driver ABYSSWORKER to disable security tools, making detection and mitigation more difficult. Elastic Security Labs tracked a financially driven MEDUSA ransomware campaign using a HEARTCRYPT-packed loader and a revoked certificate-signed driver, ABYSSWORKER, to disable EDR tools.

Ransomware

Ransomware Security IT Access

Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

Security Affairs

JANUARY 15, 2025

Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues. ZDI researchers pointed out that this is the largest number of vulnerabilities addressed in by Microsoft montly security updates since 2017. are actively exploited in the wild.

Authentication

Authentication Security

GitLab addressed critical auth bypass flaws in CE and EE

Security Affairs

MARCH 13, 2025

GitLab released security updates to address critical vulnerabilities in Community Edition (CE) and Enterprise Edition (EE). The company addressed nine vulnerabilities, including the two critical ruby-saml authentication bypass issues respectively tracked as CVE-2025-25291 and CVE-2025-25292. GitLab CE/EE versions 17.7.7,

Authentication

Authentication Libraries Data breaches Security

DeepSeek database exposed highly sensitive information

Security Affairs

JANUARY 30, 2025

After responsible disclosure, DeepSeek promptly secured the issue. Researchers discovered two unusual open ports (8123 and 9000) on DeepSeek’s servers, which provided access to a publicly exposed ClickHouse database without authentication, raising significant security concerns. ” reads the report published by Wiz.

Metadata

Metadata Authentication Access Passwords

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

In March 2025, threat actors distributed archived messages through Signal. CERT-UA’s report states that the UAC-0200 activity has been tracked since summer 2024, with recent decoy messages (since February 2025) focusing on UAVs and electronic warfare.

Computer and Electronics

Computer and Electronics Archiving Passwords Government

Forrester's 2025 Predictions: Gen AI Investments to Decline

Data Breach Today

OCTOBER 28, 2024

Forrester's Cody Scott on Why 2025 Will Be Pivotal for Security Leaders Forrester's 2025 Predictions for Cybersecurity, Risk and Privacy report forecasts that security leaders will scale back generative AI investments by 10%.

Privacy

Privacy Cybersecurity Risk Security

Attackers can bypass middleware auth checks by exploiting critical Next.js flaw

Security Affairs

MARCH 24, 2025

React framework addressed a critical vulnerability tracked as CVE-2025-29927 (CVSS score of 9.1) has been released to address a security vulnerability ( CVE-2025-29927 ). Maintainers of Next.js with the release of versions versions 12.3.5, 14.2.25, and 15.2.3. “Next.js version 15.2.3 ” reads the advisory.

Cybersecurity

Cybersecurity Risk Access Security

TeamViewer fixed a vulnerability in Windows client and host applications

Security Affairs

JANUARY 30, 2025

TeamViewer released security patches for a high-severity elevation of privilege vulnerability, tracked as CVE-2025-0065 (CVSS score of 7.8), in its remote access solutions for Windows. TeamViewer has patched a high-severity privilege escalation vulnerability affecting its Windows client and host applications. for Windows.

Access

Access IT Security Information Security

Polish Space Agency POLSA disconnected its network following a cyberattack

Security Affairs

MARCH 5, 2025

The agency revealed that it has disconnected its infrastructure to contain the attack and secure data, a circumstance that suggests it was the victim of a ransomware attack. To secure data after the breach, POLSA’s network was immediately disconnected from the internet. “A cybersecurity incident has occurred at POLSA.

IT

IT Ransomware Cybersecurity Security

Hertz disclosed a data breach following 2024 Cleo zero-day attack

Security Affairs

APRIL 15, 2025

On February 10, 2025, we confirmed that Hertz data was acquired by an unauthorized third party that we understand exploited zero-day vulnerabilities within Cleos platform in October 2024 and December 2024.” Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2024-50623 (CVSS score 8.8),which

Data breaches

Data breaches Ransomware Cybersecurity Government

Security Affairs newsletter Round 512 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 23, 2025

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lazarus APT stole $1.5B

Security

Security CMS Phishing Encryption

U.S. CISA adds Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 23, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Power Pages vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Power Pages vulnerability, tracked as CVE-2025-24989 , to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Cybersecurity Risk Access

U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 20, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Edimax IC-7100 IP Camera, NAKIVO,and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog. Akamai researchers discovered the vulnerability, and the cyber security firm confirmed ([ 1 ],[ 2 ]) that the flaw is actively exploited in the wild.

IT

IT Cybersecurity Risk Security

Navigating AI-powered cyber threats in 2025: 4 expert security tips for businesses

Collaboration 2.0

MARCH 13, 2025

AI-powered cyber threats are reshaping security landscapes. Businesses that don't evolve will be vulnerable to increasingly sophisticated attacks - here's how to stay ahead.

Security

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 31, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439 , to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Cybersecurity Access Passwords

Cisco addressed two critical flaws in its Identity Services Engine (ISE)

Security Affairs

FEBRUARY 6, 2025

Cisco addressed multiple vulnerabilities, including two critical remote code execution flaws, tracked as CVE-2025-20124 (CVSS score of 9.9) and CVE-2025-20125 (CVSS score of 9.1), in Identity Services Engine (ISE). “This vulnerability is due to insecure deserialization of user-supplied Java byte streams by the affected software.”

IT

IT Authentication Information Security Security

Critical flaw in Apache Parquet’s Java Library allows remote code execution

Security Affairs

APRIL 4, 2025

Experts disclosed a critical vulnerability, tracked as CVE-2025-30065 (CVSS score of 10.0), impacting Apache Parquet’s Java Library that could allow remote code execution “Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 The vulnerability CVE-2025-30065 is a Deserialization of Untrusted Data issue.

Libraries

Libraries Big data Risk Ransomware

Microsoft to tighten Windows security dramatically in 2025 - here's how

Collaboration 2.0

NOVEMBER 19, 2024

Stung by last summer's CrowdStrike meltdown, which crashed Windows PCs and servers worldwide, Microsoft is rolling out a wide range of security changes to Windows. Here's what to expect over the next year

Security

Millions of SK Telecom customers are potentially at risk following USIM data compromise

Security Affairs

APRIL 22, 2025

The Universal Subscriber Identity Module (USIM) is a smart card used in mobile devices, it securely stores subscriber information, including the International Mobile Subscriber Identity (IMSI) and cryptographic keys. The telecom giant detected an infection of its systems at 11 PM on Saturday, April 19, 2025. on Tuesday, April 22.

Risk

Risk Data breaches IoT Authentication

5 biggest Linux and open-source stories of 2024: From AI arguments to security close calls

Collaboration 2.0

DECEMBER 23, 2024

AI arrived, security troubles were dodged, and after years of development, real-time Linux finally made it into mainstream Linux. Here's what shook up the open-source world this year and what it means for 2025.

Security

Security IT

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Affairs

JANUARY 10, 2025

The cybersecurity firm discovered the campaign on January 7, 2025, the company discovered that threat actors used false offers of employment with CrowdStrike. “On January 7, 2025, CrowdStrike identified a phishing campaign exploiting its recruitment branding to deliver malware disguised as an “employee CRM application.”

Phishing

Phishing Mining Authentication Communications

Microsoft fixed actively exploited flaw in Power Pages

Security Affairs

FEBRUARY 20, 2025

Microsoft has addressed two critical vulnerabilities, tracked as CVE-2025-21355 (CVSS score: 8.6) and CVE-2025-24989 (CVSS score: 8.2), respectively impacting Bing and Power Pages. The researcher Nicolas Joly reported the vulnerability.

Authentication

Authentication Access IT Information Security

News alert: Aembit announces speakers for NHIcon event, highlighting non-human identity security

The Last Watchdog

JANUARY 15, 2025

15, 2025, CyberNewswire — Aembit , the non-human identity and access management (IAM) company, unveiled the full agenda for NHIcon 2025, a virtual event dedicated to advancing non-human identity security, streaming live on Jan. Silver Spring, MD, Jan. 28 and headlined by industry luminary Kevin Mandia.

Security

Security Cloud Risk Access

Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw

Security Affairs

APRIL 12, 2025

Threat actors are exploiting a recently discovered vulnerability, tracked asCVE-2025-3102(CVSS score of 8.1) The researcherMichael Mazzolini discovered the vulnerabilityon March 13, 2025. on April 3, 2025. Threat actors are exploiting a vulnerability inthe OttoKitWordPress plugin, a few hours after public disclosure.

Authentication

Authentication Passwords Cybersecurity IT

Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs

Security Affairs

FEBRUARY 11, 2025

Microsoft Patch Tuesday security updates for February 2025 addressed four zero-day flaws, two of which are actively exploited in the wild. CVE-2025-21391 is a Windows Storage privilege escalation flaw exploited in the wild. ” CVE-2025-21418 is a Windows Ancillary Function Driver for WinSock privilege escalation flaw. .

Security

Security Passwords Authentication IT

Authentication bypass CVE-2025-22230 impacts VMware Windows Tools

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Webinars

Trending Sources

Gladinet flaw CVE-2025-30406 actively exploited in the wild

Webinars

Google fixed the first actively exploited Chrome zero-day since the start of the year

CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware

Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days

DHS Warns Election Security Risks May Persist Into 2025

China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March

News alert: SquareX to present on uncovering data splicing attacks at BSides San Francisco 2025

Broadcom fixed information disclosure flaws in VMware Aria Operations

A flaw in Verizon’s iOS Call Filter app exposed call records of millions

SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild

ASUS routers with AiCloud vulnerable to auth bypass exploit

Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks

U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

Apple backported fixes for three actively exploited flaws to older devices

7 password rules security experts live by in 2025 - the last one might surprise you

Government contractor Conduent disclosed a data breach

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

GitLab addressed critical auth bypass flaws in CE and EE

DeepSeek database exposed highly sensitive information

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Forrester's 2025 Predictions: Gen AI Investments to Decline

Attackers can bypass middleware auth checks by exploiting critical Next.js flaw

TeamViewer fixed a vulnerability in Windows client and host applications

Polish Space Agency POLSA disconnected its network following a cyberattack

Hertz disclosed a data breach following 2024 Cleo zero-day attack

Security Affairs newsletter Round 512 by Pierluigi Paganini – INTERNATIONAL EDITION

U.S. CISA adds Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog

Navigating AI-powered cyber threats in 2025: 4 expert security tips for businesses

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

Cisco addressed two critical flaws in its Identity Services Engine (ISE)

Critical flaw in Apache Parquet’s Java Library allows remote code execution

Microsoft to tighten Windows security dramatically in 2025 - here's how

Millions of SK Telecom customers are potentially at risk following USIM data compromise

5 biggest Linux and open-source stories of 2024: From AI arguments to security close calls

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Microsoft fixed actively exploited flaw in Power Pages

News alert: Aembit announces speakers for NHIcon event, highlighting non-human identity security

Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw

Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs

Stay Connected