Lucene search
K

5 matches found

The Hacker News
The Hacker News
added 2025/09/30 10:57 a.m.10 views

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 CVSS score: 7.8, a local privileg...

7.8CVSS7.7AI score0.0788EPSS
Exploits3
The Hacker News
The Hacker News
added 2025/04/15 2:6 p.m.96 views

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for...

9.8CVSS8.8AI score0.99979EPSS
Exploits23
The Hacker News
The Hacker News
added 2024/08/24 7:3 a.m.74 views

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 CVSS score: 6.6, is case of...

10CVSS9.7AI score0.99871EPSS
Exploits28
hivepro
hivepro
added 2024/03/29 8:32 a.m.29 views

UNC5174 Functions as an Initial Access Broker, Exploiting Vulnerabilities

Summary: UNC5174, a threat actor believed to be associated with China, has been identified exploiting various vulnerabilities and deploying custom tools such as SNOWLIGHT, GOHEAVY, and GOREVERSE for post-exploitation activities. These tools enable UNC5174 to carry out sophisticated cyber...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/22 11:28 a.m.59 views

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its...

10CVSS9.3AI score0.99999EPSS
Exploits48
Rows per page
Query Builder