Security News

New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
2025-04-16 10:37

Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail...

Critical flaws fixed in Nagios Log Server
2025-04-15 10:41

The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities,...

Microsoft: Windows Server 2025 restarts break connectivity on some DCs
2025-04-14 10:54

Microsoft warned IT admins that some Windows Server 2025 domain controllers might become inaccessible after a restart, causing apps and services to fail or remain unreachable. [...]

Oracle says "obsolete servers" hacked, denies cloud breach
2025-04-09 19:12

Oracle finally confirmed in email notifications sent to customers that a hacker stole and leaked credentials that were stolen from what it described as "two obsolete servers." [...]

CentreStack RCE exploited as zero-day to breach file sharing servers
2025-04-09 15:38

Hackers exploited a vulnerability in Gladinet CentreStack's secure file-sharing software as a zero-day since March to breach storage servers [...]

Police detains Smokeloader malware customers, seizes servers
2025-04-09 13:33

In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet's customers and detained at least five individuals. [...]

Microsoft fixes auth issues on Windows Server, Windows 11 24H2
2025-04-08 20:12

Microsoft has fixed a known issue causing authentication problems when Credential Guard is enabled on systems using the Kerberos PKINIT pre-auth security protocol. [...]

OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers
2025-04-04 06:06

A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider called Proton66 to facilitate their operations. The findings come from...

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers
2025-04-02 10:43

Cybersecurity researchers have shed light on an "auto-propagating" cryptocurrency mining botnet called Outlaw (aka Dota) that's known for targeting SSH servers with weak credentials. "Outlaw is a...

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign
2025-04-01 17:08

Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of...