More results...
Cybersecurity researchers have stumbled upon a treasure trove of operational tools and scripts linked to the KeyPlug malware, associated with the threat group RedGolf, also known as APT41. The server, which was inadvertently exposed for less than 24 h…
The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.
The post Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle appeared first on SecurityWeek.
VPNs are popular due to the fact they add security and privacy to what are otherwise fairly open Wi-Fi and public internet channels. But can VPNs be tracked by the police?
A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances running Ivanti Connect Secure (ICS) 22.7R2.5 or earlier or Pulse Connect Secure …
Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks GlobalProtect portals in the last 30 days, and has urged organizations with exposed systems to secure them and loo…
A new malware campaign has been uncovered, involving a sophisticated stealer known as Arcane, which is distributed through YouTube videos promoting game cheats. This campaign highlights the evolving tactics of cybercriminals, who continue to exploit po…
In recent years, VPN vulnerabilities have emerged as a critical threat vector for organizations worldwide. Threat actors, including both cybercriminal groups and state-sponsored entities, are increasingly exploiting these vulnerabilities to gain unauth…
SilentCryptoMiner, disguised as a VPN bypass tool, infected over 2,000 Russian users by exploiting weak security measures. Stay vigilant.
The post SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN Tools appeared first on eSecurity Planet.
new data has emerged linking over 2,400 IP addresses associated with Astrill VPN to individuals believed to be North Korean IT workers. These findings were reported by a cyber security source, who obtained the information from http://Spur.us, a platfor…
Security researchers have uncovered new evidence that North Korean threat actors, particularly the Lazarus Group, are actively using Astrill VPN to conceal their true IP addresses during cyberattacks and fraudulent IT worker schemes. Silent Push, a cyb…