News - Page 4 of 26 - UZCERT xizmati

Computer Emergency
Response Team

News

A New Phishing Technique Bypasses Gmail Security: Vulnerability Found in Google OAuth

A highly sophisticated phishing attack exploiting a vulnerability in Google’s OAuth system has been uncovered. This attack successfully bypasses Gmail’s security filters and authentication mechanisms, appearing completely legitimate to users — the emails seem to come from official Google domains…

News

NTLM Vulnerability in Windows Systems Actively Exploited

🔓 Cybercriminals are exploiting a critical vulnerability in Windows systems related to NTLM (New Technology LAN Manager) authentication to gain unauthorized access. This vulnerability, identified as CVE-2025-24054, allows attackers to spoof NTLM hashes, potentially exposing sensitive information. The vulnerability is…

News

Cisco Webex Vulnerability Allows Remote Code Execution via Weaponized Meeting Links

In today’s digital age, remote communication and online meetings have become an essential part of everyday life. Widely-used platforms like Cisco Webex serve as vital tools for millions of users worldwide. However, a recently discovered critical vulnerability has raised serious…

News

Two Critical Vulnerabilities Discovered in Apple iPhones

One of the leading companies in the tech world, Apple, has recently announced an urgent security update for iPhone and iPad users. This update is being distributed through iOS 18.4.1 and iPadOS 18.4.1. The reason is serious — two zero-day…

News

Critical Firefox Vulnerability Found — Update Immediately!

Mozilla has released a crucial security update for its Firefox browser, addressing a high-severity vulnerability that could lead to memory corruption and potentially allow attackers to exploit affected systems. 🛠️ What’s the issue? The vulnerability, identified as CVE-2025-3608, was discovered…

News

Critical Vulnerability in Apache Roller: Hackers Remain in the System Even After Password Changes

A dangerous vulnerability discovered in the popular blogging platform Apache Roller poses a serious threat to users and organizations. The vulnerability, identified as CVE-2025-24859, affects all versions of the platform from 1.0.0 to 6.1.4 and has received the highest CVSS…

News

Dangerous Cyberattacks via “SureTriggers” WordPress Plugin Began Just 4 Hours After Vulnerability Disclosure

On April 10, 2025, only four hours after a critical vulnerability in the popular WordPress plugin SureTriggers was publicly disclosed, active exploitation of the flaw began. This plugin is installed on over 100,000 websites worldwide and has been found to…

News

Chinese Hackers Target Global Organizations via Ivanti VPN Vulnerabilities

Since the spring of 2025, hacker groups linked to China have launched cyberattacks on organizations across 12 countries and more than 20 industries worldwide. These attacks were carried out by exploiting critical vulnerabilities in Ivanti Connect Secure VPN appliances. Cybersecurity…

News

Critical Vulnerability Discovered in Jenkins Docker Images: Hackers Can Hijack Network Connections!

On April 10, 2025, the Jenkins team disclosed a newly discovered vulnerability posing a serious threat to CI/CD (Continuous Integration / Continuous Deployment) processes in thousands of organizations worldwide. This vulnerability was found in the management of SSH host keys…

News

Critical Vulnerability Found in AMD Processors: Attackers Can Inject Malicious Microcode to Disrupt CPU Operation!

A serious vulnerability discovered in AMD processors by Google researchers has created a stir in the cybersecurity world. This vulnerability may allow attackers to load malicious microcode directly into AMD processors, potentially compromising their operation. The vulnerability has been assigned…