ICYMI: 2025-04-24
Latest Headlines
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely
WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads
Gmail’s New Encrypted Messages Feature Opens a Door for Scams
RSA Conference 2025 – Pre-Event Announcements Summary (Part 1)
Jericho Security Gets $15 Million for AI-Powered Awareness Training
Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances
SecLytics Rebrands as Augur Security, Raises $7M in Seed Funding
AI-Powered Polymorphic Phishing Is Changing the Threat Landscape
Blue Shield of California Data Breach Impacts 4.7 Million People
Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw
5.5 Million Patients Affected by Data Breach at Yale New Haven Health
Threat Actors Taking Advantage of Unsecured Kubernetes Clusters for Cryptocurrency Mining
ToyMaker Hackers Compromised Multitude Hosts Using SSH & File Transfer Tools
New Stego Campaign Leverages MS Office Vulnerability to Deliver AsyncRAT
CISA Confirms Continued Support for CVE Program, No Funding Issues
Linux io_uring Security Blind Spot Let Attackers Stealthily Deploy Rootkits
NVIDIA NeMo Framework Vulnerability Let Attackers Execute Remote Code
Hackers Exploited Ivanti Connect Secure 0-Day to Install DslogdRAT & Web Shell
Citrix NetScaler Console Vulnerability Enables Admin Access – PoC Released
Zyxel RCE Vulnerability Allows Arbitrary Query Execution Without any Authentication
Threat Actors Turn More Sophisticated & Exploiting Zero-Day Vulnerabilities – Google Warns
Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
Lazarus hackers breach six companies in watering hole attacks
Microsoft fixes machine learning bug flagging Adobe emails as spam
Frederick Health data breach impacts nearly 1 million patients
Microsoft now pays up to $30,000 for some AI vulnerabilities
Interlock ransomware claims DaVita attack, leaks stolen data
Yale New Haven Health data breach affects 5.5 million patients
Microsoft fixes bug causing incorrect 0x80070643 WinRE errors
Linux ‘io_uring’ security blindspot allows stealthy rootkit attacks
– MTZ