Aggregator
CVE-2025-9407 | mtons mblog up to 3.5.0 /settings/profile signature cross site scripting (ICPML3 / EUVD-2025-25662)
Downloaded an SSH "brute-forcer"? Check whether you are working for a Russian hacker
Qilin
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
- CVE-2024-8069 Citrix Session Recording Deserialization of Untrusted Data Vulnerability
- CVE-2024-8068 Citrix Session Recording Improper Privilege Management Vulnerability
- CVE-2025-48384 Git Link Following Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Fake macOS help sites push Shamos infostealer via ClickFix technique
Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, CrowdStrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers are using the so-called ClickFix technique, which relies on users running malicious commands.
The Shamos malware delivery campaign
For the campaign, which unfolded between June and August 2025, the cyber crooks created fraudulent macOS help websites …
The post Fake macOS help sites push Shamos infostealer via ClickFix technique appeared first on Help Net Security.
An Introduction to Whole-Book OCR for Scanned PDFs
Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations
Cybercriminals Exploit Cheap VPS to Launch SaaS Hijacking Attacks
Arch Linux Services Hit by Week-Long DDoS Attack
Arch Linux—the community-driven, lightweight distribution renowned for its rolling-release model—has confirmed that a distributed denial-of-service (DDoS) attack has been targeting its core infrastructure for over a week. Beginning on August 18, users worldwide have experienced intermittent outages and slowdowns on the Arch Linux main website, the Arch User Repository (AUR), and the official forums. According […]
The post Arch Linux Services Hit by Week-Long DDoS Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2023-20152 | Cisco Identity Services Engine CLI command injection (cisco-sa-ise-injection-2XbOg9Dg / EUVD-2023-24331)
CVE-2023-20153 | Cisco Identity Services Engine CLI command injection (cisco-sa-ise-injection-2XbOg9Dg / EUVD-2023-24332)
CVE-2023-20149 | Cisco Small Business RV325 Web-based Management Interface cross site scripting (cisco-sa-rv-stored-xss-vqz7gC8W / EUVD-2023-24328)
CVE-2023-20150 | Cisco Small Business RV325 Web-based Management Interface cross site scripting (cisco-sa-rv-stored-xss-vqz7gC8W / EUVD-2023-24329)
CVE-2023-20151 | Cisco Small Business RV325 Web-based Management Interface cross site scripting (cisco-sa-rv-stored-xss-vqz7gC8W / EUVD-2023-24330)
CVE-2023-20147 | Cisco Small Business RV325 Web-based Management Interface cross site scripting (cisco-sa-rv-stored-xss-vqz7gC8W / EUVD-2023-24326)
CVE-2023-20148 | Cisco Small Business RV325 Web-based Management Interface cross site scripting (cisco-sa-rv-stored-xss-vqz7gC8W / EUVD-2023-24327)
ChatGPT and Gemini are working for phishers: they were simply tricked with hidden prompts
Kimsuky APT Exposed: GPKI Certificates, Rootkits, and Cobalt Strike Assets Uncovered
A comprehensive operational dump from the North Korean Kimsuky APT organization, also known as APT43, Thallium, or Velvet Chollima, appeared on a dark web forum in an uncommon instance of state-sponsored cyber espionage. This leak, comprising virtual machine images, VPS dumps, phishing kits, rootkits, and over 20,000 browser history records, provides an unparalleled glimpse into […]
The post Kimsuky APT Exposed: GPKI Certificates, Rootkits, and Cobalt Strike Assets Uncovered appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.