CISA Warns of Three Actively Exploited Security Vulnerabilities in IoT, Backup, and Enterprise Systems
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting significant active threats in the cybersecurity landscape. The vulnerabilities impact Edimax IP cameras, NAKIVO Backup and Replication software, and SAP NetWeaver, each of which poses serious risks of system exploitation and data compromise.…

Victim: St***********.nl
Country:
Actor: cloak
Source:
Discovered: 2025-03-20 15:24:32.306368
Published: 2025-03-20 15:24:31.739837
Description: A ransomware attack has targeted the Dutch domain St***********.nl, with the notorious cybercriminal group known as Cloak being identified as the perpetrator. This incident highlights the growing threat of ransomware across various sectors, as Cloak continues to deploy sophisticated tactics to compromise organizations and extort sensitive data for financial gain.…

Victim: Baltimorecityschools
Country:
Actor: cloak
Source:
Discovered: 2025-03-20 15:24:42.862926
Published: 2025-03-20 15:24:36.834665
Description: Baltimore City Public Schools, commonly referred to as City Schools, is a public school district located in Baltimore, Maryland, dedicated to serving the educational needs of the city’s youth. Comprising a diverse array of elementary, middle, and high schools, the district strives to deliver a comprehensive and high-quality education while implementing specialized programs and initiatives aimed at fostering students’ growth and development.…
VanHelsing Ransomware
The CYFIRMA Research and Advisory Team has discovered the VanHelsing Ransomware, which targets Windows systems and uses advanced encryption methods, making it challenging to detect and remove. It employs double extortion tactics, threatening to leak sensitive data, and stresses the importance of proactive cybersecurity measures and incident response strategies.…
HellCat hackers go on a worldwide Jira hacking spree
Summary: Swiss global solutions provider Ascom has confirmed a cyberattack attributed to the HellCat hacking group, which targeted their IT infrastructure and compromised their Jira ticketing system. The hackers claimed to have stolen approximately 44GB of sensitive data, although Ascom stated that there was no impact on business operations and no preventive action is needed from customers and partners.…
SideWinder Threat Group: Maritime and Nuclear Sectors at Risk with Updated Toolset
SideWinder, also known as Rattlesnake or T-APT-04, is an advanced persistent threat group from India that has expanded its operations to target maritime and nuclear sectors across Asia, the Middle East, and Africa since 2012. Known for quickly adapting to security measures, SideWinder employs various tactics, techniques, and procedures (TTPs) to execute sophisticated cyber-attacks, primarily through phishing and malware.…
Veeam Patches Critical Vulnerability in Backup & Replication
Summary: Veeam has released patches for a critical vulnerability, CVE-2025-23120, in its Backup & Replication software that could allow remote code execution by authenticated domain users. The issue stems from inadequate deserialization procedures within the product, making it susceptible to exploitation. Users are advised to upgrade to the latest version 12.3.1 to mitigate risks associated with this flaw.…
SQLi, XSS, and SSRF: Breaking Down Zimbra’s Latest Security Threats
The Zimbra Collaboration Suite (ZCS) has recently addressed several critical security vulnerabilities, including stored cross-site scripting (XSS), SQL injection (SQLi), and server-side request forgery (SSRF). Administrators are urged to apply patches and adopt best practices for enhanced security. Affected: Zimbra Collaboration Suite

Key points:

Zimbra Collaboration Suite is a popular email and collaboration platform.…
Critical Flaws Expose SICK DL100 Devices to Code Execution and Password Hacks
Summary: SICK has issued a security advisory regarding critical vulnerabilities in its DL100-2xxxxxxx devices, with three specific CVEs identified that threaten the integrity, availability, and confidentiality of these products. The advisory outlines severe vulnerabilities that may allow for malicious code execution, interception of sensitive information, and exploitation due to weak hashing algorithms.…
Trump admin’s removal of Democratic FTC commissioners could shift its privacy efforts
Summary: The Trump administration’s removal of two Democratic Federal Trade Commission officials could significantly impact the regulation of big tech and consumer privacy protections. Former commissioners Alvaro Bedoya and Rebecca Kelly Slaughter plan to contest their firings in court, asserting that it undermines established precedents. Their removal may lead to a diminished regulatory stance on harmful practices involving data brokers and technology companies, according to experts.…
Summary: A critical vulnerability, CVE-2025-29891, has been identified in Apache Camel that may enable attackers to inject harmful headers, thereby altering application behavior. This vulnerability primarily affects various HTTP components of Apache Camel and demands immediate corrective action from developers. Users are urged to upgrade to the patched versions to safeguard their applications from potential exploitation.…