Aggregator
Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that do not have endpoint detection response solutions,” Trend Micro researchers shared. Once a rootkit was implanted, it would set a universal password (containing the word “disco”) and install several hooks onto the IOSd (process) memory space, to make fileless components disappear after a reboot.
The post Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352) appeared first on Help Net Security.
Over 266,000 F5 BIG-IP instances exposed to remote attacks
Ransom House
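Notice | National Cybersecurity Standardization Technical Committee Seeks Public Comment on the "Cybersecurity Standards Practice Guide: Security Requirements for Database Network Connectivity (Draft for Comment)" (Full Text Attached)
2025 North Bund Cybersecurity Forum | Beijing Paiwang (北京派网) Makes an Appearance to Jointly Explore Digital-Intelligence Security
Special Topic: Anti-Telecom Fraud | The Legal Definition and Regulation of Harmful Text Messages
Academician Huang Dianzhong | Address at the Zhongguancun Forum 2025 Digital Innovation Conference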
CVE-2023-28815 | Hikvision iSecure Center command injection
Akira
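Analysis of the Latest Attack Sample from the Silver Fox (银狐) Cybercrime Group, Written in Easy Programming Language (易语言)
From heart to brain, from factories to personalized medicine. We break down cognitive digital twins, a new technology for fighting the aging of the mind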
Windows Rust Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error
A vulnerability has been identified in Microsoft’s newly implemented Rust-based kernel component for the Graphics Device Interface (GDI) in Windows. This flaw, which could trigger a system-wide crash via a Blue Screen of Death (BSOD), highlights the challenges of integrating memory-safe languages into critical OS components. Although Microsoft classified it as moderate severity, the issue underscores potential risks […]
The post Windows Rust Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error appeared first on Cyber Security News.
APT28 With Weaponized Office Documents Delivers BeardShell and Covenant Modules
Russia’s APT28 has resurfaced in mid-2025 with a sophisticated spear-phishing campaign that weaponizes Office documents to deploy two novel payloads: BeardShell, a C-based backdoor leveraging IceDrive as a command-and-control channel, and Covenant’s HTTP Grunt Stager, which communicates via the Koofr cloud API. These malicious documents are distributed through private Signal chats, exploiting the application’s lack […]
The post APT28 With Weaponized Office Documents Delivers BeardShell and Covenant Modules appeared first on Cyber Security News.
Prosper disclosed a data breach impacting 17.6 million accounts
Breaks in like a hacker, thinks like an analyst. Microsoft has presented a new way to test AI in cybersecurity
Critical ConnectWise Vulnerabilities Allow Attackers To Inject Malicious Updates
ConnectWise released a critical security update for its Automate platform on October 16, 2025. The patch, version 2025.9, addresses serious flaws in agent communications that could let attackers intercept sensitive data or push malicious software updates. These vulnerabilities primarily affect on-premises installations, where misconfigurations might expose systems to network-based exploits. The issues stem from environments […]
The post Critical ConnectWise Vulnerabilities Allow Attackers To Inject Malicious Updates appeared first on Cyber Security News.