exploit – Page 4 – MCYSEKA-Maritime Cyber Security Knowledge Archive

CVE-2025-24813: Remote Code Execution in Apache Tomcat via Malicious Session Deserialization

CVE-2025-24813: Remote Code Execution in Apache Tomcat via Malicious Session Deserialization Apache Tomcat is a popular, open-source web server and servlet container maintained by the Apache Software Foundation. It provides a reliable and scalable environment for executing Java Servlets and serving web pages built using Java Server Pages (JSP). Frequently deployed in both development and […]

The post CVE-2025-24813: Remote Code Execution in Apache Tomcat via Malicious Session Deserialization appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

April 10, 2025

0 comment

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks

CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.
The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek.

March 31, 2025

0 comment

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)

Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who d…

March 26, 2025

0 comment

Russian Firm Offers $4 Million for Telegram Exploits

A Russian exploit acquisition firm is offering up to $4 million for a full-chain exploit targeting messaging service Telegram.
The post Russian Firm Offers $4 Million for Telegram Exploits appeared first on SecurityWeek.

March 24, 2025

0 comment

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)

State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for the last eight years, researchers with Trend Micro’s Zero Day Initiative …

March 19, 2025

0 comment

Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell

Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In previous campaigns, including those in mid-2024, attackers used ClickFix a deceptive tactic involving phishing and fake […]

The post Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

February 25, 2025

0 comment

CVE-2024-23897 – Jenkins <= 2.441 & <= LTS 2.426.2 PoC And Scanner

Exploitation and scanning tool specifically designed for Jenkins versions <= 2.441 & <= LTS 2.426.2. It leverages CVE-2024-23897 to assess and exploit vulnerabilities in Jenkins instances. Usage Ensure you have the necessary permissions to …

March 13, 2024

0 comment

Apache ActiveMQ bug exploited to deliver Kinsing malware

Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open source …

November 21, 2023

0 comment

Danish energy sector hit by a wave of coordinated cyberattacks

The Danish energy sector has suffered what is believed to be the most extensive cyberattack in Danish history, according to SektorCERT. Danish energy sector under attack SektorCERT, an organization owned and funded by Danish critical infrastructure (CI…

November 14, 2023

0 comment

Juniper networking devices under attack

CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been &…

November 14, 2023

0 comment

1 2 3 4 5 6 … 20