Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches

Threat actors have exploited a PHP CGI remote code execution (RCE) vulnerability, enabling unauthorized access and potential system compromise. Commvault patched a critical webserver vulnerability that could allow attackers to deploy malicious webshells, leading to unauthorized access and data breaches. A critical vulnerability in Windows Remote Desktop Services has been identified, potentially allowing attackers to execute malicious code remotely. GitLab has warned users about multiple vulnerabilities affecting its platform, urging immediate updates to mitigate risks of unauthorized access and data breaches. The Laravel PHP framework was found to have a vulnerability that could allow attackers to exploit improperly sanitized inputs, potentially leading to data manipulation or unauthorized access. PeakLight malware has emerged as a significant threat, targeting users with advanced evasion techniques and data exfiltration capabilities. Bitdefender has identified several vulnerabilities across its security products that require urgent patching to prevent exploitation by attackers. The RedCurl advanced persistent threat (APT) group has been observed using Active Directory Explorer as part of its attack strategy against organizations. Key topics include advanced ransomware attacks and the increasing influence of state-sponsored cyber activities on global security. Known as the “Zygote Injection” vulnerability, it allows attackers to execute arbitrary code with system privileges by exploiting Android’s Zygote process. We’ll also review recent regulatory developments, such as the European Union’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA), which are setting new benchmarks for data privacy and security to ensure your compliance strategies remain up-to-date. Apache Tomcat is under threat from a newly identified RCE vulnerability that could be exploited by attackers to gain control over affected servers. 
CISA has issued a warning about a vulnerability in Microsoft Windows Management Console (MMC), urging users to apply available patches immediately to prevent exploitation. A China-linked threat actor has successfully breached Juniper Networks, raising concerns about supply chain security vulnerabilities. The Medusa ransomware group has compromised over 300 organizations globally, showcasing the growing threat of ransomware attacks across industries. Blind Eagle, a known threat actor group, is attacking organizations using weaponized URL files to deliver malware payloads. Although details are limited, this highlights the growing threat of supply chain attacks targeting software developers. Multiple vulnerabilities in Zoom clients have been disclosed, which could allow attackers to compromise user devices during video conferencing sessions. We also explore how industries are addressing critical cybersecurity challenges, such as securing remote work environments and mitigating vulnerabilities in Internet of Things (IoT) devices. The MirrorFace APT group has exploited vulnerabilities in Windows Sandbox and Visual Studio Code to launch sophisticated attacks. Additionally, we examine how cutting-edge technologies like artificial intelligence (AI), machine learning (ML), and quantum computing are reshaping cybersecurity both as tools for protection and as potential vulnerabilities exploited by adversaries. These flaws could allow attackers to disrupt operations or gain unauthorized access to sensitive systems. Fortinet has addressed several vulnerabilities across its product line, including FortiOS and FortiProxy, which could lead to unauthorized access or denial-of-service attacks if left unpatched. A new scam campaign is targeting organizations with physical letters falsely claiming to be from the BianLian ransomware group. A vulnerability in a widely-used Python library has raised concerns about potential exploitation risks in software projects using the library. 
A major security flaw, CVE-2024-31317, has been identified in Android devices running versions 11 or older. A new malware campaign is exploiting Python Package Index (PyPI) repositories to trick developers into downloading malicious packages. This highlights the importance of scrutinizing open-source software and implementing robust security measures for downloads. This flaw allows attackers to execute arbitrary code by exploiting improper cryptographic signature validation in debugging workflows. Users are advised to apply security updates without delay. Cybercriminals are leveraging YouTube to distribute dCRAT malware, targeting unsuspecting users with malicious links and downloads. A security flaw in Apache NiFi that could expose MongoDB deployments to exploitation has been reported. Organizations are advised to verify their network security and report incidents to law enforcement. These exploits demonstrate the increasing risk posed by advanced persistent threat actors targeting development environments. A high-severity remote code execution (RCE) vulnerability (CVE-2025-24043) was discovered in the SOS debugging extension of Microsoft WinDbg. Security teams are urged to strengthen defenses against this evolving malware strain. Organizations using Tomcat should prioritize patching and implement strict access controls. Users are advised to update their devices and limit USB debugging access.

This Cyber News was published on cybersecuritynews.com. Publication date: Sun, 16 Mar 2025 15:05:20 +0000

