Proof-of-Concept Exploits Released for RSync Vulnerabilities

Five vulnerabilities have been discovered within the RSync utility. RSync is a popular tool for transferring and synchronising files between different systems. RSync is commonly used in Unix-like operating systems. CVE-2024-12084 is a ‘heap-based buffer overflow’ vulnerability, with a CVSSv3 Read More …

Ninth day of pro-Russia cyber attacks on Italian sites

A pro-Russian hacker group, Noname057(16), staged for the ninth consecutive morning on Tuesday a new wave of cyberattacks against Italian websites, specifically targeting local administrations. The provinces of Trapani, Ragusa, Caltanissetta, Enna, the municipality of Catania and the Puglia region Read More …

The GitVenom campaign: cryptocurrency theft using GitHub

In our modern world, it’s difficult to underestimate the impact that open-source code has on software development. Over the years, the global community has managed to publish a tremendous number of projects with freely accessible code that can be viewed Read More …

F5 Releases Quarterly Security Notification

F5 has released an overview of vulnerabilities for some of their networking products, including BIG-IP and BIG-IP Next. The overview of security advisories addresses 13 vulnerabilities rated as high impact, 3 rated as medium impact, and 1 as low impact. Read More …

Crypto exchange Bybit says it fully replenished reserves after record $1.5 billion hack

Bybit said it replenished its reserves following a $1.5 billion hack last week, the largest in the history of the crypto industry. In less than 72 hours, Bybit pieced together hundreds of thousands of ether tokens through a mix of Read More …

Medixant Releases Security Update for RadiAnt DICOM Viewer

Medixant has released a security update to address an improper certificate validation vulnerability in RadiAnt DICOM Viewer. CVE-2025-1001 has a CvSSv4 score of 5.7 and could allow an attacker with privileged network access to impersonate RadiAnt’s update server. An attacker Read More …

South African Weather Service systems restored amid increasing cyber attacks

The SAWS Information and Communication Technology (ICT) systems went down on January 26 following a security breach by criminals. Aspects of critical services including aviation and marine were all interrupted. The SAWS email system and website, which is the hub Read More …

Angry Likho: Old beasts in a new forest

Angry Likho (referred to as Sticky Werewolf by some vendors) is an APT group we’ve been monitoring since 2023. It bears a strong resemblance to Awaken Likho, which we’ve analyzed before, so we classified it within the Likho malicious activity Read More …

North Korean Hackers Were Behind Crypto’s Largest ‘Theft of All Time’

Blockchain analytics firm Arkham Intelligence said North Korea’s Lazarus Group was behind Bybit’s $1.46 billion hack. In an earlier post on social media platform X, Arkham offered a bounty of 50,000 ARKM tokens for anyone who could identify the attackers Read More …