Chinese Hackers Target U.S. Telecoms with Custom Malware in Stealthy Cyber Espionage

Salt Typhoon Hackers Use JumbledPath to Spy on U.S. Telecom Networks



A Chinese state-sponsored hacking group, Salt Typhoon (also known as Earth Estries, GhostEmperor, and UNC2286), has been identified using a custom utility called JumbledPath to stealthily monitor network traffic and capture sensitive data in cyberattacks on U.S. telecommunication providers.

CISA Flags Palo Alto Networks and SonicWall Flaws as Actively Exploited



CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical security vulnerabilities affecting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog. The inclusion is based on confirmed evidence of active exploitation.

Critical OpenSSH Flaw Exposes Millions of Servers!

 


OpenSSH Patches Critical Vulnerabilities: MitM and DoS Attacks

OpenSSH has recently released crucial security updates addressing two significant vulnerabilities—one enabling machine-in-the-middle (MitM) attacks and another causing denial-of-service (DoS) conditions. One of these flaws had remained undiscovered for over a decade, potentially exposing millions of SSH servers to cyber threats.

Cisco: No New Breach, Ransomware Group Leaks Old Data



Cisco Denies New Breach, Says Ransomware Group’s Leak Tied to 2022 Hack

Cisco has refuted claims of a new security breach after the Kraken ransomware group leaked what it described as sensitive internal data. The networking giant clarified that the exposed credentials stem from an old security incident that occurred in May 2022.

PostgreSQL Zero-Day Vulnerability Exploited in Targeted Attacks

 


Threat Actors Exploit Zero-Day in BeyondTrust and Uncover New PostgreSQL SQL Injection Vulnerability

Threat actors responsible for exploiting a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 are now believed to have also leveraged a previously undisclosed SQL injection flaw in PostgreSQL, according to cybersecurity firm Rapid7.

OpenSSL Flaw Allows Hackers to Execute Man-in-the-Middle Attacks


A recently disclosed high-severity vulnerability in OpenSSL (CVE-2024-12797) could allow attackers to launch man-in-the-middle (MitM) attacks on TLS and DTLS connections that use raw public keys (RPKs) for server authentication. The flaw affects OpenSSL versions 3.2, 3.3, and 3.4 and was discovered by Apple Inc. in December 2024.

Cisco Hack Exposed: Internal Network Breach by Ransomware Actors


Cisco has reportedly suffered a significant data breach, with sensitive credentials from its internal network and Windows Active Directory environment leaked online. The attack is allegedly linked to the Kraken ransomware group, which published a dataset containing usernames, security identifiers (SIDs), and NTLM password hashes on its dark web blog.
