News - Page 7 of 28 - UZCERT xizmati

Computer Emergency
Response Team

News

Chinese Hackers Target Global Organizations via Ivanti VPN Vulnerabilities

Since the spring of 2025, hacker groups linked to China have launched cyberattacks on organizations across 12 countries and more than 20 industries worldwide. These attacks were carried out by exploiting critical vulnerabilities in Ivanti Connect Secure VPN appliances. Cybersecurity…

News

Critical Vulnerability Discovered in Jenkins Docker Images: Hackers Can Hijack Network Connections!

On April 10, 2025, the Jenkins team disclosed a newly discovered vulnerability posing a serious threat to CI/CD (Continuous Integration / Continuous Deployment) processes in thousands of organizations worldwide. This vulnerability was found in the management of SSH host keys…

News

Critical Vulnerability Found in AMD Processors: Attackers Can Inject Malicious Microcode to Disrupt CPU Operation!

A serious vulnerability discovered in AMD processors by Google researchers has created a stir in the cybersecurity world. This vulnerability may allow attackers to load malicious microcode directly into AMD processors, potentially compromising their operation. The vulnerability has been assigned…

News

A Critical Vulnerability Threatens WordPress Sites!

Cybersecurity researchers have discovered a critical vulnerability in the popular WordPress plugin — InstaWP Connect. This vulnerability could potentially expose thousands of websites to remote attacks. Experts from Wordfence identified and reported the vulnerability CVE-2025-2636, which allows unauthenticated attackers to…

News

Over 5,000 Ivanti Devices at Risk

Security Warning: Over 5,000 Ivanti Connect Secure VPN devices used across corporate networks worldwide remain at serious risk. This vulnerability, identified as CVE-2025-22457, allows cybercriminals to gain access to your systems and steal your data. This is a stack-based buffer…

News

Serious vulnerability discovered in Kibana

Elastic has issued an urgent security update for its Kibana data visualization platform, addressing a high-severity vulnerability that could allow attackers to execute arbitrary code. Tracked as CVE-2024-12556 with a CVSS score of 8.7 (High), this flaw affects Kibana versions 8.16.1 through 8.17.1 The security flaw stems from…

News

Vulnerability in Apache mod_auth_openidc Module: Could Allow Unauthenticated Users to Access Protected Content

A serious security vulnerability has been discovered in the mod_auth_openidc module for OpenID Connect authentication and authorization in the Apache HTTP server. This issue could allow unauthenticated users to gain access to protected web resources. The vulnerability, named CVE-2025-31492, has…

News

New Vulnerability Found in Windows Remote Desktop Service: Hackers Can Execute Malicious Code Remotely

A serious vulnerability has been identified in Microsoft Windows Remote Desktop Services (RDP), allowing attackers to execute malicious code remotely without requiring user authentication. This vulnerability, named CVE-2025-27480, is a use-after-free issue in the Remote Desktop Gateway service and has…

News

Vulnerability in USB Audio Driver for Linux Operating System Has Been Fixed

A vulnerability that allowed system control to be taken over via a malicious USB device has been fixed. A serious security issue was identified in the USB Audio driver of the Linux operating system. This vulnerability was discovered by SUSE…

News

Several dangerous vulnerabilities discovered in SonicWall NetExtender VPN software

Attention to Users and Organizations! Cybersecurity specialists have identified three critical vulnerabilities in SonicWall’s NetExtender VPN software designed for the Windows operating system. These vulnerabilities could allow attackers to perform various malicious actions on users’ computers. SonicWall has released security…