News – Page 12 – UZCERT Team

Computer Emergency
Response Team

News

New BeyondTrust Vulnerability: Clients’ Confidential API Keys Stolen

In today’s world, cyber threats are becoming increasingly sophisticated, and attacks on major technology companies are growing more dangerous. Earlier this year, BeyondTrust, a leading company in the field of Identity and Access Management (IAM), fell victim to a cyberattack.…

News

Linux 6.14: Half a Million Lines of Code Modified!

The tech world has received another major update – Linux 6.14-rc1 has been officially released! Linux kernel creator Linus Torvalds has announced the first test version (Release Candidate – RC), marking the completion of two weeks of active development on…

News

ChatGPT-4o Vulnerability “Time Bandit”: Hackers Can Create Malware

A newly discovered vulnerability in OpenAI’s ChatGPT-4o, dubbed “Time Bandit,” poses a serious threat to users. This vulnerability allows hackers to bypass the chatbot’s built-in security features and use it to generate malicious content, including instructions for creating malware, phishing…

News

Top 3 Most Popular Tactics, Techniques, and Procedures (TTPs) of 2024: New Methods of Cyberattacks

In the world of cybersecurity, threats are evolving at an incredible pace. However, some attack methods stand out due to their widespread use and high effectiveness. In its 2024 report, ANY.RUN identified the most commonly used Tactics, Techniques, and Procedures (TTPs) by cybercriminals. In…

News

Malware is Being Spread to macOS and Windows Systems via 10,000 WordPress Sites

Recently, cybersecurity experts have discovered a sophisticated cyberattack that has infected more than 10,000 WordPress sites, distributing malware to users. Attackers exploit vulnerabilities in outdated versions of WordPress and its plugins. This means that if WordPress or its plugins are…

News

Hellcat Ransomware: Attacks on Organizations via the RaaS Model Are on the Rise

A new and serious threat has emerged in the cybersecurity landscape – a ransomware group called Hellcat. This group leverages the Ransomware-as-a-Service (RaaS) model to target critical sectors such as government, education, and energy. Hellcat was first identified in mid-2024 and operates through…

News

Hackers Exploit New Zyxel Vulnerability to Execute Arbitrary Commands Remotely

As cybersecurity threats become increasingly complex, network devices from various companies are becoming prime targets for hackers. According to recent reports, a new zero-day vulnerability has been discovered in Zyxel CPE series devices. This vulnerability, registered as CVE-2024-40891, is currently…

News

Vulnerability discovered in VMware Avi Load Balancer could allow hackers to gain access to databases

This vulnerability allows attackers with specific capabilities to execute specially crafted SQL queries and gain unauthorized access to the database. It has been classified as a “Critical” security issue with a CVSSv3 score of 8.6. The vulnerability arises due to…

News

Akira’s Attack on VMware ESXi Servers: Ransomware Enters a New Phase

The Akira ransomware group, which has been actively operating in the Ransomware-as-a-Service (RaaS) space since March 2023, recently introduced a new Linux variant targeting VMware ESXi servers. This development poses a significant cybersecurity threat. Initially focused on Windows systems, Akira…

News

GitLab Announces Security Update

GitLab has released important security updates for its Community Edition (CE) and Enterprise Edition (EE) versions, addressing several vulnerabilities, including a high-risk Cross-Site Scripting (XSS) vulnerability. The most critical vulnerability is a stored XSS vulnerability (CVE-2025-0314) caused by improper rendering…