News - Page 8 of 26 - UZCERT xizmati

Computer Emergency
Response Team

News

A Vulnerability in the Linux Kernel Went Undetected for 7 Years

Cybersecurity researchers have recently disclosed a critical vulnerability (CVE-2024-36904) in the Linux kernel that remained unnoticed for seven years. This use-after-free vulnerability could allow attackers to execute arbitrary code within the system’s core processes. A Proof-of-Concept (PoC) exploit demonstrating the…

News

Red Team Tool Cobalt Strike 4.11: Enhanced Stealth Capabilities in the Latest Update

A major update in the cybersecurity world – the release of Cobalt Strike 4.11, a popular Red Team tool. This version introduces significant improvements in stealth (evasion) techniques, making it more effective at bypassing modern security systems. The update includes…

News

BitM: A New Cyber Threat That Steals Confidential Data via Browsers

In recent years, cybercriminals have been mastering innovative techniques to bypass security systems. One such method is BitM (Browser-in-the-Middle), a new attack tactic that allows hackers to hijack user sessions within seconds and gain access to their systems. What makes…

News

Google Releases Open-Source Version of OSV-Scanner, Elevating Vulnerability Detection to a New Level

On March 17, 2025, Google officially introduced OSV-Scanner V2.0.0. This updated tool significantly enhances the ability of security professionals to identify and remediate vulnerabilities in software. Initially launched in December 2022, OSV-Scanner has secured its place among open-source security tools.…

News

Hackers Can Completely Take Over Servers Using an Apache Tomcat Vulnerability!

A remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2025-24813, is actively being exploited by cybercriminals. This vulnerability allows attackers to gain full control over the server. According to security experts, exploitation of this vulnerability is rapidly increasing.…

News

Vulnerabilities in Adobe Acrobat Reader Put User Data at Risk

Adobe Acrobat Reader, an essential tool for document exchange and official paperwork, has been found to contain three critical vulnerabilities. These flaws could allow attackers to execute arbitrary code or disclose sensitive information. The vulnerabilities were discovered by Cisco Talos…

News

Critical Vulnerability in TP-Link TL-WR845N Routers: Hackers Can Gain Root Access

🔍 Researchers have discovered a serious security vulnerability in TP-Link TL-WR845N routers. This flaw allows attackers to gain full control over the router, monitor network traffic, and install malicious software. Vulnerability Details This vulnerability is identified as CVE-2024-57040 and has…

News

Cisco IOS XR Vulnerability Poses a Threat to Network Security

Cisco has issued a warning about a critical vulnerability in its IOS XR software that, if exploited, could lead to a Denial-of-Service (DoS) attack. This vulnerability, identified as CVE-2025-20115, has been assigned a CVSS score of 8.6, indicating a high…

News

Cybercriminals Exploit Fortinet Vulnerabilities to Launch SuperBlack Ransomware Attacks

Between late January and early March 2025, cybersecurity researchers from Forescout’s Vedere Labs identified a series of sophisticated attacks conducted by a threat actor tracked as Mora_001. These attacks targeted Fortinet systems, exploiting vulnerabilities to deploy a specially crafted SuperBlack…

News

New Security Vulnerabilities in GitLab Allow Authentication Bypass and Remote Code Execution

GitLab has alerted its users to critical security vulnerabilities and urged them to update their systems immediately. According to the latest security update, attackers could exploit these vulnerabilities to access the system as legitimate users or execute arbitrary code within…