News - Page 12 of 26 - UZCERT xizmati

Computer Emergency
Response Team

News

Palo Alto, Cisco, and Microsoft Exchange at Risk Due to 23 Vulnerabilities Exploited by the Black Basta Hacking Group

In recent days, one of the most alarming developments in cybersecurity has been the disclosure of internal chats from the Black Basta hacking group. Analysts at GreyNoise examined the leaked data and confirmed that out of 62 identified vulnerabilities, 23…

News

Vulnerability in Cisco Nexus Switches Could Cause Network Failure

Recently, in the field of cybersecurity, information has spread about a serious vulnerability discovered in Cisco Nexus 3000 and 9000 series switches. This vulnerability could allow attackers to disrupt network operations, causing a Denial-of-Service (DoS) condition. This vulnerability is linked…

News

More than 2,850 Ivanti Connect Secure devices vulnerable to remote code execution attacks

Cyber threats are becoming increasingly complex. Recent security audits have revealed that the CVE-2025-22467 vulnerability in Ivanti Connect Secure (ICS) devices poses a serious global threat. CVE-2025-22467 has a CVSS score of 9.9 and is classified as a critical flaw.…

News

XWorm and AsyncRAT: Hidden Malware Spreading via PowerShell and Visual Basic

Recent cybersecurity research has shown that malware distribution methods are becoming increasingly sophisticated. A newly discovered batch script is a clear example of this trend. This script is used to distribute powerful malware such as XWorm and AsyncRAT, employing advanced…

News

Rsync Vulnerabilities: Millions of Servers at Risk!

Several critical vulnerabilities have been discovered in Rsync, a widely used tool for server and data synchronization. These vulnerabilities allow attackers to execute malicious code remotely, steal confidential data, and bypass key security mechanisms. Affected Versions: All versions of Rsync…

News

Popular WordPress Plugin Under Cyberattack: Vulnerability Threatens Millions of Websites

In today’s world, website security is becoming an increasingly critical issue. A vulnerability has been discovered in a widely used WordPress plugin, potentially exposing millions of websites to cyberattacks. The affected plugin is Essential Addons for Elementor. The discovered vulnerability…

News

New Wave of Hacking Attacks on Cisco Devices: Over 100 Malicious IPs Identified

One of today’s most pressing cybersecurity issues is the large-scale attacks targeting Cisco networking equipment. According to recent reports, hundreds of devices are at risk due to the active exploitation of vulnerabilities CVE-2023-20198 and CVE-2018-0171. Security experts have identified 110…

News

CISA Warns of a Critical Vulnerability in Oracle Agile PLM

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about CVE-2024-20953, a security vulnerability in Oracle Agile Product Lifecycle Management (PLM). This vulnerability is currently being actively exploited by cybercriminals. On February 24, 2025, CISA added this…

News

GhostSocks: A New Malware Bypassing Security Systems via SOCKS5 Proxy

The field of cybersecurity faces ever-evolving threats. Recently, a new malware called GhostSocks was discovered, leveraging SOCKS5 proxy technology to bypass security systems and move anonymously across networks. This malicious tool has been thoroughly analyzed by Infrawatch, revealing that it…

News

Critical Vulnerability in Parallels Desktop: Attackers Can Gain Root Privileges!

A serious security vulnerability has been discovered in Parallels Desktop, a popular virtualization software used to run Windows and other operating systems on Mac. The CVE-2024-34331 0-Day vulnerability allows attackers to gain root-level privileges on macOS. What’s most concerning is…