News - Page 2 of 27 - UZCERT xizmati

Computer Emergency
Response Team

News

Critical Vulnerability in K7 Antivirus: How a Regular User Can Gain SYSTEM Privileges

Cybersecurity experts have discovered a new vulnerability in K7 Computing’s K7 Ultimate Security product, leading to a major security issue. This flaw allows ordinary users with limited privileges to gain the highest level of operating system access — SYSTEM rights.…

News

New Android “0-Day” Vulnerabilities: CISA Issues Warning

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an official warning about two serious actively exploited “0-day” vulnerabilities in the Android operating system. These vulnerabilities pose a direct threat to the security of millions of Android users worldwide.…

News

Critical Elementor Plugin Vulnerability Puts Thousands of WordPress Sites at Risk

Today, the WordPress ecosystem serves as the backbone for millions of websites worldwide. Yet even a small flaw in a seemingly minor plugin can trigger serious consequences. Recently, such a situation unfolded when a critical vulnerability discovered in the popular…

News

Two Critical Security Vulnerabilities Found in Django: SQL Injection and DoS Risks

Two serious security vulnerabilities have been discovered in Django, one of the most widely used web development frameworks. The Django team has released essential security updates to address these issues. One vulnerability is classified as high severity and the other…

News

Critical Apache bRPC Vulnerability: Specially Crafted JSON Can Crash Servers

A new, highly dangerous security threat has been identified in the cybersecurity landscape. A vulnerability labeled CVE-2025-59789 has been discovered in the Apache bRPC (Baidu RPC) framework, allowing attackers to remotely crash servers. The severity score of this flaw is…

News

Dangerous Outlook Vulnerability Bypassing Security: Public PoC Release Escalates the Threat Landscape

A new and serious cybersecurity threat has emerged involving Microsoft Outlook. The vulnerability, registered as CVE-2024-21413, creates a critical security gap by allowing attackers to bypass one of Outlook’s core protection mechanisms — Protected View. Recently, a Proof-of-Concept (PoC) exploit…

News

Albiriox: A New Android Malware Capable of Taking Full Control of User Devices

As digital technologies evolve, cybercriminals continue to advance their tools just as rapidly. One of the most alarming recent threats targeting Android users is Albiriox, a newly discovered malware family that combines banking fraud capabilities with full remote access functionality.…

News

Oracle VirtualBox Vulnerability Detected: Your Systems Are at Risk

In the digital age, virtualization technologies have become an integral part of modern IT infrastructure. Oracle VM VirtualBox, renowned for its cross-platform flexibility and ease of use, is widely adopted by developers, researchers, and enterprise environments. However, a recently discovered…

News

Advanced Defense Against Phishing: An Essential Guide for CISOs

In the digital era, cybersecurity demands constant vigilance, and phishing remains one of the most widespread and destructive threats. Globally, over 36% of data breaches are attributed to phishing attacks. For Chief Information Security Officers (CISOs), the challenge extends beyond…

News

Dangerous “Nullpoint-Stealer” on GitHub: A Real Threat Disguised as a Research Tool

In the spring of 2025, the cybersecurity community faced yet another alarming development: a new-generation info-stealing malware named Nullpoint-Stealer gained attention after being hosted on GitHub. Officially described as a “tool designed for cybersecurity training and exercises,” experts warn that…