ICYMI: 2025-01-24
Latest Headlines
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations
DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations
Android’s New Identity Check Feature Locks Device Settings Outside Trusted Locations
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
Subaru Starlink Vulnerability Exposed Cars to Remote Hacking
North Korean Fake IT Workers More Aggressively Extorting Enterprises
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
CISA Warns of Old jQuery Vulnerability Linked to Chinese APT
Hackers Earn $886,000 at Pwn2Own Automotive 2025 for Charger, OS, Infotainment Exploits
Palo Alto Networks Addresses Impact of BIOS, Bootloader Vulnerabilities on Its Firewalls
Kubernetes Cluster RCE Vulnerability Let Attacker Takeover All Windows Nodes
CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild
100+ Vulnerabilities in LTE & 5G Infrastructure Enable Remote Core Compromise
CISA Releases Six ICS Advisories Highlighting Critical Security Vulnerabilities
New JavaScript Attack Hijacking Government And University Websites
370+ Ivanti Connect Secure Exploiting Using 0-day Vulnerability (CVE-2025-0282)
North Korean IT Workers Demands Ransomware By Stealing Companies Source Codes
Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level
phpMyAdmin Vulnerability Let Hackers Trigger XSS Attack With Malicious Tables
Zyxel warns of bad signature update causing firewall boot loops
Microsoft to deprecate WSUS driver synchronization in 90 days
Subaru Starlink flaw let hackers hijack cars in US and Canada
Hackers use Windows RID hijacking to create hidden admin account
Hacker infects 18,000 “script kiddies” with fake malware builder
Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs
Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025
– MTZ