News - Page 3 of 28 - UZCERT xizmati

Computer Emergency
Response Team

News

Critical Elementor Plugin Vulnerability Puts Thousands of WordPress Sites at Risk

Today, the WordPress ecosystem serves as the backbone for millions of websites worldwide. Yet even a small flaw in a seemingly minor plugin can trigger serious consequences. Recently, such a situation unfolded when a critical vulnerability discovered in the popular…

News

Two Critical Security Vulnerabilities Found in Django: SQL Injection and DoS Risks

Two serious security vulnerabilities have been discovered in Django, one of the most widely used web development frameworks. The Django team has released essential security updates to address these issues. One vulnerability is classified as high severity and the other…

News

Critical Apache bRPC Vulnerability: Specially Crafted JSON Can Crash Servers

A new, highly dangerous security threat has been identified in the cybersecurity landscape. A vulnerability labeled CVE-2025-59789 has been discovered in the Apache bRPC (Baidu RPC) framework, allowing attackers to remotely crash servers. The severity score of this flaw is…

News

Dangerous Outlook Vulnerability Bypassing Security: Public PoC Release Escalates the Threat Landscape

A new and serious cybersecurity threat has emerged involving Microsoft Outlook. The vulnerability, registered as CVE-2024-21413, creates a critical security gap by allowing attackers to bypass one of Outlook’s core protection mechanisms — Protected View. Recently, a Proof-of-Concept (PoC) exploit…

News

Albiriox: A New Android Malware Capable of Taking Full Control of User Devices

As digital technologies evolve, cybercriminals continue to advance their tools just as rapidly. One of the most alarming recent threats targeting Android users is Albiriox, a newly discovered malware family that combines banking fraud capabilities with full remote access functionality.…

News

Oracle VirtualBox Vulnerability Detected: Your Systems Are at Risk

In the digital age, virtualization technologies have become an integral part of modern IT infrastructure. Oracle VM VirtualBox, renowned for its cross-platform flexibility and ease of use, is widely adopted by developers, researchers, and enterprise environments. However, a recently discovered…

News

Advanced Defense Against Phishing: An Essential Guide for CISOs

In the digital era, cybersecurity demands constant vigilance, and phishing remains one of the most widespread and destructive threats. Globally, over 36% of data breaches are attributed to phishing attacks. For Chief Information Security Officers (CISOs), the challenge extends beyond…

News

Dangerous “Nullpoint-Stealer” on GitHub: A Real Threat Disguised as a Research Tool

In the spring of 2025, the cybersecurity community faced yet another alarming development: a new-generation info-stealing malware named Nullpoint-Stealer gained attention after being hosted on GitHub. Officially described as a “tool designed for cybersecurity training and exercises,” experts warn that…

News

Bypassing Phishing-Resistant MFA: New Vulnerability Discovered in Microsoft Entra ID

A new concern has emerged in the cybersecurity landscape. Security researchers have identified a novel technique that allows attackers to bypass phishing-resistant Multi-Factor Authentication (MFA) in Microsoft Entra ID, raising alarms about the robustness of even advanced security measures. This…

News

Hidden Threat Behind a Fake Security Tool: WordPress Plugin Malware Takes Full Control of Your Site

WordPress is one of the most popular platforms for building websites, powering millions of sites worldwide due to its ease of use and extensive customization options. However, its widespread adoption also makes it a prime target for cybersecurity threats. A…