Linux Distros Unpatched Vulnerability : CVE-2020-25595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified tha...

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

An abandoned update server associated with input method editor IME software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. "Attackers employed...

CVE-2025-48416

CVE-2025-48416 describes a vulnerability in an OpenSSH daemon where a hard-coded entry for root exists in the firmware image’s /etc/shadow. Despite PermitRootLogin being disabled by default, the credential can be bypassed or altered through multiple paths, enabling potential unauthorized root acc...

CVE-2025-48415 Backdoor Functionality via USB Drive in eCharge Hardy Barth cPH2 / cPP2 charging stations

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other...

CVE-2025-48415 Backdoor Functionality via USB Drive in eCharge Hardy Barth cPH2 / cPP2 charging stations

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other...

Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps

Cybersecurity researchers are warning that a command-and-control C&C framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive...

Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries

Financial institutions in Latin America are being threatened by a banking trojan called Mekotio aka Melcoz. That's according to findings from Trend Micro, which said it recently observed a surge in cyber attacks distributing the Windows malware. Mekotio, known to be actively put to use since 2015...

A New Jupyter Malware Version is Being Distributed via MSI Installers

Cybersecurity researchers have charted the evolution of Jupyter, a .NET infostealer known for singling out healthcare and education sectors, which make it exceptional at defeating most endpoint security scanning solutions. The new delivery chain, spotted by Morphisec on September 8, underscores...

ALPINE-CVE-2020-25595

An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...

UBUNTU-CVE-2020-25595

An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...

TrickBot Sample Accidentally Warns Victims They're Infected

TrickBot, the infamous info-stealing trojan, has been trying out a test module that accidentally pops up fraud alerts to victims. A sandboxed sample of the trojan, obtained by MalwareHunterTeam and analyzed by Advanced Intelligence’s Vitali Kremez, turns out to contain a new module, called “modul...

Zero-Day Bug Allows Hackers to Access CCTV Surveillance Cameras

Between 180,000 and 800,000 IP-based closed-circuit television cameras are vulnerable to a zero-day vulnerability that allows hackers to access surveillance cameras, spy on and manipulate video feeds or plant malware. According to a Tenable Research Advisory issued Monday, the bugs are rated...

FLASH zero-day Vulnerability CVE-2018-5002 in the Middle East directed network attacks exploit-vulnerability warning-the black bar safety net

! Recently, ICEBRG security research team SRT identified Adobe Flash 0 day Vulnerability CVE-2018-5002-directional network attack behavior, the 0-day vulnerability is an attacker for the Middle East region, important individuals and organizations of network penetration. An attacker use the...

Trojanized BitTorrent Software Update Hijacked 400,000 PCs Last Week

A massive malware outbreak that last week infected nearly half a million computers with cryptocurrency mining malware in just a few hours was caused by a backdoored version of popular BitTorrent client called MediaGet. Dubbed Dofoil also known as Smoke Loader, the malware was found dropping a...

Cross Platform Trojan builder distributed on underground forums

A Cross platform back door 'Frutas' remote access tool RAT is available for download on many forums from January 2013. This Trojan builder is completely written in Java. Recently, Symantec experts analyse that Frutas RAT allows attackers to create a connect-back client JAR file to run on a...