Japan’s National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019. The primary objective of the attack campaign is to steal information related to Japan’s national
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE). The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could […]
Nintendo Switch 2, expected in April 2025, features a wider design, new Joy-Cons, backward compatibility, and ample stock to prevent scalping. The post The alleged Nintendo Switch 2 console mockup looks promising appeared first on MSPoweruser.
Google is updating Progressive Web Application (PWA) icons on Chrome for Mac to look native by matching Apple’s design style The post Google improves PWA icons on Chrome for Mac to match Apple’s style appeared first on MSPoweruser.
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version […]
08
Jan
Jan
Our thoughts are with the people and communities affected by the greater Los Angeles wildfires. We have been working closely with local authorities to provide accurate a…
Premium WordPress plugin Fancy Product Designer from Radykal is vulnerable to two critical severity flaws that remain unfixed in the current latest version. […]
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. […]
Russian internet service provider Nodex confirmed on Tuesday that its network was “destroyed” in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance […]
SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.” […]