News – Page 9 – UZCERT Team

Computer Emergency
Response Team

News

Lumma InfoStealer Malware Identified as a Threat to Educational Institutions

🔴 Cybercriminals Are Targeting the Education Sector! As cybersecurity challenges continue to grow in complexity, a new threat has emerged—Lumma InfoStealer, a malicious software (malware) designed to target educational institutions. This malware spreads through infected PDF documents, disguised as legitimate…

News

How can I protect myself from attacks carried out through dangerous vulnerabilities identified in OpenSSH?

Cybersecurity researchers have identified two serious vulnerabilities in OpenSSH, a widely used protocol for secure network communication. These vulnerabilities, discovered by specialists at Qualys Threat Research Unit (TRU), have been registered as CVE-2025-26465 and CVE-2025-26466. These flaws allow attackers to…

News

Hidden Malware on WordPress Websites: Threats and Protection Measures

Cybersecurity researchers have discovered a sophisticated malware campaign targeting WordPress websites. This campaign uses the installation of a backdoor, allowing hackers to execute remote code. The malware spreads through the mu-plugins directory, giving attackers full system compromise, data theft, and…

News

New Go-Based Malware Controlled via Telegram Identified

Cybersecurity researchers have discovered a new malware (backdoor) written in the Go programming language. This malicious software uses the Telegram messenger as a command and control (C2) channel. Although still under development, it is already fully functional and capable of…

News

Critical SQL Injection Vulnerability in Apache Fineract Threatens Financial Systems

A critical SQL injection vulnerability has been identified in Apache Fineract, an open-source software widely used in financial services. This vulnerability, tracked as CVE-2024-32838, affects versions 1.4 to 1.9 and has a CVSS score of 9.4, indicating a highly severe…

News

RedMike Hackers Breached 1000+ Cisco Devices and Gained Admin Access

Recent cybersecurity research has revealed that the Chinese state-backed hacker group “Salt Typhoon” (also known as “RedMike”) compromised more than 1,000 vulnerable Cisco devices worldwide between December 2024 and January 2025, exploiting them for their operations. This cyber-espionage campaign primarily…

News

AMD Ryzen DLL Hijacking Vulnerability Allows Attackers to Execute Arbitrary Code

Cybersecurity researchers have discovered a high-risk vulnerability in the AMD Ryzen™ Master Utility software. Identified as CVE-2024-21966, this flaw allows attackers to execute malicious code on a system and escalate their privileges. This vulnerability is classified as DLL Hijacking and…

News

PostgreSQL Terminal Tool Vulnerability Allows Remote Code Execution

Recently, cybersecurity researchers discovered a critical SQL injection vulnerability in PostgreSQL’s interactive terminal tool, psql. This vulnerability, identified as CVE-2025-1094, allows attackers to remotely execute arbitrary code. This flaw was uncovered during the analysis of CVE-2024-12356, a remote code execution…

News

Vulnerability in WinZip Allows Hackers to Take Control of Your Computer

One of the world’s most popular file archiving programs, WinZip, has been found to contain a critical security vulnerability. Designated as CVE-2025-1240, this vulnerability enables attackers to execute arbitrary code remotely using malicious 7Z archive files. This vulnerability has received…

News

ZeroLogon Exploit: Threat to Active Directory and Domain Controllers

The ZeroLogon exploit is currently one of the most dangerous cyber threats used by malicious actors to attack Microsoft Active Directory environments. This exploit is registered under the identifier CVE-2020-1472 and poses a serious risk to Microsoft domain controllers. The…