The Akira ransomware group, which has been actively operating in the Ransomware-as-a-Service (RaaS) space since March 2023, recently introduced a new Linux variant targeting VMware ESXi servers. This development poses a significant cybersecurity threat. Initially focused on Windows systems, Akira…
GitLab has released important security updates for its Community Edition (CE) and Enterprise Edition (EE) versions, addressing several vulnerabilities, including a high-risk Cross-Site Scripting (XSS) vulnerability. The most critical vulnerability is a stored XSS vulnerability (CVE-2025-0314) caused by improper rendering…
A new vulnerability has been discovered in Microsoft Outlook, identified as CVE-2025-21298. This vulnerability resides in the Windows Object Linking and Embedding (OLE) system, specifically in the ole32.dll component. It is caused by a “double-free” error and enables remote code…
Recent reports indicate that over 379 Ivanti Connect Secure (ICS) devices have been compromised through a newly discovered vulnerability—CVE-2025-0282. This vulnerability enables cybercriminals to install hidden “backdoors” and gain persistent access to systems. Description of the CVE-2025-0282 VulnerabilityCVE-2025-0282 is a…
UZCERT has identified these vulnerabilities in the information infrastructure of more than 10 organizations located in the Republic of Uzbekistan. We request government agencies and other organizations using “FORTINET” products to follow the recommendations below to mitigate these vulnerabilities: User…
The Presidential Decree of the Republic of Uzbekistan No. PQ-14 dated January 20, 2025, “On the establishment of the state university ‘Cyber University’,” has been adopted. According to the decree, the main tasks of the University are defined as follows:…
A serious security vulnerability has been discovered in the popular RealHomes WordPress template and its Easy Real Estate plugin, which could expose more than 32,000 websites to cyberattacks. The vulnerabilities are classified as privilege escalation issues that do not require…
A critical vulnerability has been identified in the popular 7-Zip archiving software. This vulnerability allows attackers to bypass an important Windows security feature—the “Mark-of-the-Web” (MotW) mechanism. The vulnerability, tracked as CVE-2025-0411, has been assigned a CVSS security rating of 7.0,…
Another significant issue in the field of technology security has been identified: a new vulnerability has been discovered in Cisco Meeting Management, potentially allowing attackers to gain administrator privileges within the system. This vulnerability is tracked as CVE-2025-20156 and is…
As technology security becomes increasingly complex each day, new vulnerabilities continue to pose threats to our systems. The vulnerability identified in Windows File Explorer under the identifier CVE-2024-38100 is a clear example of this issue. This vulnerability has raised concerns…