flaw

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw – Go Health Pro

by
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw – Go Health Pro

Apr 08, 2025Ravie LakshmananNetwork Security / Vulnerability Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of a maximum of 10.0. “An unverified password change vulnerability [CWE-620] in FortiSwitch … Read more

Firefox patches flaw similar to exploited Chrome zero-day – Go Health Pro

by
Firefox patches flaw similar to exploited Chrome zero-day – Go Health Pro

Mozilla patched a Firefox browser vulnerability that was discovered after a similar Google Chrome flaw was found to be actively exploited in potential espionage campaigns.The critical flaw, tracked as CVE-2025-2857, could enable an attacker to escape the Firefox browser’s sandbox protection on Windows machines due to an error in the browser’s inter-process communication (IPC) code, … Read more

RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features – Go Health Pro

by
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features – Go Health Pro

Mar 30, 2025Ravie LakshmananVulnerability / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances. “RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, … Read more

Flaw in Windows shortcut abused by at least 11 threat groups – Go Health Pro

by
Flaw in Windows shortcut abused by at least 11 threat groups – Go Health Pro

Attackers are making use of Windows shortcut (.lnk) files to dupe users into running malicious code on their systems.Researchers with Trend Micro’s Zerdo Day Initiative (ZDI) said that threat actors around the globe have been taking advantage of the Windows shell link shortcut format to execute malicious code on target machines.Dubbed ZDI-CAN-25373 (more on this … Read more

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks – Go Health Pro

by
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks – Go Health Pro

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. “The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates,” Check Point said in a new analysis. “More than 1,600 victims were affected … Read more