A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday.
Cybersecurity firm Check Point Software said the bug affects several of its remote access tools, firewalls, and VPNs, which act as digital gatekeepers to protect company networks from unauthorized access.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers are exploiting Fortinet firewall bugs to plant ransomware
March 17, 2025
Security researchers have observed hackers linked to the notorious LockBit gang exploiting a pair of Fortinet firewall vulnerabilities to deploy ransomware on several company networks. In a report published last week, security researchers at Forescout Research said a group it’s tracking dubbed “Mora_001” is exploiting the Fortinet firewalls, which sit on the edge of a company’s ...
- Exploitation of Apache Tomcat Vulnerability CVE-2025-24813
March 17, 2025
The Apache Software Foundation has released security updates addressing a vulnerability in Apache Tomcat. Tomcat is an open-source web server and servlet container that is used to deploy and serve Java-based web applications. CVE-2025-24813 is ‘deserialisation of untrusted data’ and ‘path equivalence: file.name (Internal dot)’ vulnerability that an attacker could exploit to achieve remote code execution ...
- Cisco Releases Security Advisories for Cisco IOS XR Software
March 13, 2025
Cisco has released 10 security advisories addressing multiple vulnerabilities, including seven high and three medium severity advisories affecting Cisco IOS XR Software, which is a networking software system. CVE-2025-20138 is an ‘improper neutralization of special elements used in an OS Command’ vulnerability with a CVSSv3 score of 8.8. Successful exploitation could allow an authenticated, remote attacker ...
- Apple Releases Security Updates for Multiple Products
March 12, 2025
Apple has released security updates to address an exploited vulnerability in multiple Apple products. CVE-2025-24201 is an ‘out-of-bounds write’ vulnerability that could allow an attacker with maliciously crafted web content to break out of Web Content sandbox. The security update addressing CVE-2025-24201 is a supplementary fix for an exploited vulnerability that was addressed in iOS 17.2. ...
- Thousands of TP-Link routers have been infected by a botnet to spread malware
March 11, 2025
According to a new report from the Cato CTRL team, the Ballista botnet exploits a remote code execution vulnerability that directly impacts the TP-Link Archer AX-21 router. The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity ...
- Patch Tuesday – March 2025
March 11, 2025
Microsoft is addressing 57 vulnerabilities this March 2025 Patch Tuesday, which is a similar volume to last month. However, Microsoft has evidence of in-the-wild exploitation for as many as six of the vulnerabilities published today, and CISA KEV already lists all of them. Microsoft is also aware of public disclosure for one other vulnerability. This is ...