Zyxel has released 3 security advisories to address vulnerabilities in Zyxel firewalls, Access Points (APs), extenders, and security router devices. In the first security advisory, Zyxel describes seven vulnerabilities found in their ATP and USG FLEX firewall product lines.
Two vulnerabilities could allow an attacker to create a denial-of-service (DoS) condition, four vulnerabilities could allow an attacker to execute some operating system (OS) commands on an affected device, and one could allow an attacker to gain browser-based information. In the second advisory, Zyxel describes one vulnerability known as CVE-2024-7261, which affects APs and security router devices.
Read more…
Source: NHS Digital
Related:
- Cloudflare says service restored after outage that brought down sites including Zoom and LinkedIn
December 5, 2025
Internet infrastructure company Cloudflare on Friday said it had restored services following an outage that took place in the morning and brought down several global websites including LinkedIn, Zoom and others, the second such crash to affect the company in less than three weeks. Cloudflare said the issue had been resolved and was not due to ...
- Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say
December 4, 2025
Spyware maker Intellexa had remote access to some of its government customers’ surveillance systems, giving company staffers the ability to see the personal data of people whose phones had been hacked with its Predator spyware, according to new evidence published by Amnesty International. On Thursday, Amnesty and a coalition of media partners, including Israeli newspaper Haaretz, ...
- International takedown of cryptocurrency fraud network laundering over EUR 700 million
December 4, 2025
The final actions in a sweeping international operation have successfully dismantled a large-scale cryptocurrency fraud and money laundering network that had laundered over EUR 700 million. Coordinated across multiple jurisdictions, these actions, carried out last month and earlier this week, mark the culmination of years of investigation and the effective disruption of a criminal operation ...
- Freedom Mobile Confirms Customer Data Breach
December 4, 2025
Canadian telecommunications provider Freedom Mobile suffered a supply-chain attack recently, in which it lost sensitive data on a yet undisclosed number of customers. In a data breach notification letter posted on its website earlier this week, Freedom said hackers broke into an account of a subcontractor, through which they accessed personal information “of a limited number” ...
- Hook for Gold: Inside GoldFactory’s Сampaign That Turns Apps Into Goldmines
December 3, 2025
In February 2024, Group-IB uncovered sophisticated mobile threat campaigns that show how fast banking malware is evolving across the Asia-Pacific region. Ongoing monitoring of this evolving threat revealed a surge of aggressive mobile Trojans targeting both iOS and Android users, all operated by a single threat actor tracked as GoldFactory. Since releasing our initial report, we ...
- Iranian hacker group deploys malicious Snake game to target Egyptian and Israeli critical infrastructure
December 3, 2025
An Iranian-aligned hacking group tracked as ‘MuddyWater’ has dramatically shifted tactics in attacks against Israeli and Egyptian critical infrastructure. Previous campaigns by the group, observed by ESET Research, were characteristically noisy in their tactics, techniques, and procedures (TTPs) making them easily detectable. However, the group has begun employing a new backdoor deployed via the Fooder loader, ...