CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2025-23209 Craft CMS Code Injection Vulnerability
- CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
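The practical half of "prioritizing timely remediation of Catalog vulnerabilities" is matching your own asset inventory against the catalog and sorting by due date. The following Python is an added example, not CISA tooling: it indexes a KEV-format JSON document (the public feed uses a top-level `vulnerabilities` list with `cveID`, `vendorProject`, `product`, `dateAdded`, `dueDate` and `requiredAction` fields) and reports which inventoried assets carry a catalogued CVE. The feed records, the inventory, the asset names and every date below are constructed for offline use; in particular the `dueDate` values are placeholders, not the dates CISA published for these two CVEs.

```python
"""Match an asset inventory against a CISA KEV-style JSON feed (added example)."""
import json
import re
from datetime import date, datetime

# Live feed location (not fetched here; the sample below is used instead).
KEV_FEED_URL = ("https://www.cisa.gov/sites/default/files/feeds/"
                "known_exploited_vulnerabilities.json")

CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

# Constructed sample feed in the KEV schema. Dates are placeholders, not CISA's.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (sample)",
    "vulnerabilities": [
        {
            "cveID": "CVE-2025-23209",
            "vendorProject": "Craft CMS",
            "product": "Craft CMS",
            "vulnerabilityName": "Craft CMS Code Injection Vulnerability",
            "dateAdded": "2025-02-20",   # placeholder
            "dueDate": "2025-03-13",     # placeholder
            "requiredAction": "Apply mitigations per vendor instructions or discontinue use.",
        },
        {
            "cveID": "CVE-2025-0111",
            "vendorProject": "Palo Alto Networks",
            "product": "PAN-OS",
            "vulnerabilityName": "Palo Alto Networks PAN-OS File Read Vulnerability",
            "dateAdded": "2025-02-20",   # placeholder
            "dueDate": "2025-03-06",     # placeholder
            "requiredAction": "Apply mitigations per vendor instructions or discontinue use.",
        },
    ],
})

# Constructed inventory: hypothetical asset names; one CVE not in the catalog.
SAMPLE_INVENTORY = [
    {"asset": "www-cms-01", "cve": "cve-2025-23209"},   # lower-case on purpose
    {"asset": "fw-edge-01", "cve": "CVE-2025-0111"},
    {"asset": "fw-edge-02", "cve": "CVE-2025-0111 "},   # trailing space on purpose
    {"asset": "build-01",   "cve": "CVE-2024-99999"},   # not catalogued
]


def load_kev(feed_text):
    """Index a KEV-format JSON document by normalised CVE ID, rejecting malformed IDs."""
    doc = json.loads(feed_text)
    catalog = {}
    for entry in doc.get("vulnerabilities", []):
        cve = entry["cveID"].strip().upper()
        if not CVE_RE.match(cve):
            raise ValueError(f"malformed cveID in feed: {entry['cveID']!r}")
        catalog[cve] = entry
    return catalog


def match_inventory(catalog, inventory, today):
    """Return one finding per (asset, CVE) that is in the catalog, most urgent first."""
    findings = []
    for item in inventory:
        cve = item["cve"].strip().upper()      # tolerate casing/whitespace drift
        entry = catalog.get(cve)
        if entry is None:
            continue
        due = datetime.strptime(entry["dueDate"], "%Y-%m-%d").date()
        findings.append({
            "asset": item["asset"],
            "cve": cve,
            "product": f'{entry["vendorProject"]} {entry["product"]}',
            "due": due,
            "days_left": (due - today).days,
            "overdue": due < today,
            "action": entry["requiredAction"],
        })
    findings.sort(key=lambda f: (f["due"], f["asset"]))
    return findings


def report(findings):
    """Render findings as fixed-width lines for a ticket or console."""
    lines = []
    for f in findings:
        status = "OVERDUE" if f["overdue"] else f"{f['days_left']}d left"
        lines.append(f"{f['asset']:<12} {f['cve']:<16} due {f['due']} ({status})")
    return lines


def run_sample(today_iso="2025-03-10"):
    """Run the constructed feed and inventory for a given 'today' (ISO date string)."""
    today = datetime.strptime(today_iso, "%Y-%m-%d").date()
    return match_inventory(load_kev(SAMPLE_KEV_JSON), SAMPLE_INVENTORY, today)


if __name__ == "__main__":
    for line in report(run_sample()):
        print(line)
```

To use it against the real catalog, replace `SAMPLE_KEV_JSON` with the body fetched from `KEV_FEED_URL` and `SAMPLE_INVENTORY` with the CVE list exported from your scanner; the normalisation and the malformed-ID check stay as they are.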
CISA Releases Seven Industrial Control Systems Advisories
CISA released seven Industrial Control Systems (ICS) advisories on February 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
- ICSA-25-051-01 ABB ASPECT-Enterprise, NEXUS, and MATRIX Series
- ICSA-25-051-02 ABB FLXEON Controllers
- ICSA-25-051-04 Siemens SiPass Integrated
- ICSA-25-051-05 Rapid Response Monitoring My Security Account App
- ICSA-25-051-06 Elseta Vinci Protocol Analyzer
- ICSA-24-291-03 Mitsubishi Electric CNC Series (Update A)
- ICSMA-25-051-01 Medixant RadiAnt DICOM Viewer
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
Scytale Named a 2025 G2 Best GRC Software Winner
Scytale earns its spot on G2's Best GRC Software Products 2025 list, solidifying our position as a top compliance and security leader.
The post Scytale Named a 2025 G2 Best GRC Software Winner appeared first on Scytale.
SICK MEAC300 Programmable Sensors Found to Have Security Flaws: CVE-2022-0778 and CVE-2025-0867 Awaiting Fixes
Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider variety of brands than ever before, Netcraft researchers are warning. Even users who have gotten wise to the fake "missed package" or "package confirmation" notices from their national post or delivery services may not be ready for the variety of phishing …
The post Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand appeared first on Help Net Security.