CVE-2025-6894

CVE-2025-6894 is a documented API authorization flaw in Moxa network security appliances/routers that allows a low-privileged, authenticated user to execute an administrative ping, potentially enabling internal network reconnaissance and limited impact to device confidentiality/availability. Rela...

Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments

Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign. The activity, observed this year, is primarily designed Now to infiltrate organizations' VMware ESXi and vCenter environments as well as network...

Ruijie Networks' Cloud Platform Flaws Could've Exposed 50,000 Devices to Remote Attacks

Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. "These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices,"...

Akira ransomware continues to evolve

Akira continues to cement its position as one of the most prevalent ransomware operations in the threat landscape, according to Cisco Talos' findings and analysis. Their success is partly due to the fact that they are constantly evolving. For example, after Akira already developed a new version o...

New Sophisticated Malware

Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where thin...

New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions

A newly discovered suspected espionage threat actor has been targeting employees focusing on mergers and acquisitions as well as large corporate transactions to facilitate bulk email collection from victim environments. Mandiant is tracking the activity cluster under the uncategorized moniker...

Flaw in Intel Ethernet controller exposes to 'packet of death' attack

The hardware qualification is a very important issue, recent vulnerabilities discovered in network appliances of various manufacturer have alerted security community once again on the necessity to validate the hardware especially for large consume product. The last news is related to a...

Flaw in Intel Ethernet controller exposes to 'packet of death' attack

The hardware qualification is a very important issue, recent vulnerabilities discovered in network appliances of various manufacturer have alerted security community once again on the necessity to validate the hardware especially for large consume product. The last news is related to a...