Ethical Hacking News
The latest additions to the catalog of exploited vulnerabilities show that attackers keep targeting known, patchable flaws, so organizations should prioritize cybersecurity measures and apply security patches promptly. As organizations face increasing pressure to protect their data and systems, they need to stay vigilant and proactive in addressing known vulnerabilities.
Recent discoveries also show growing exposure of IoT devices to malware and continued activity by nation-state actors. Timely patching matters most when zero-day vulnerabilities are involved.
The increasing number of breaches highlights the need for organizations to prioritize data protection. As the digital landscape grows more complex, staying informed and adapting defensive strategies to emerging threats is essential; by staying vigilant and proactive, organizations can reduce their exposure to known vulnerabilities and minimize the risk of data breaches.
CISA has added Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities (KEV) catalog. As Pierluigi Paganini reported, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities, CVE-2025-34028 in Commvault Command Center and CVE-2024-58136 in Yii Framework, both path traversal flaws that can lead to Remote Code Execution (RCE) on the target server. Both have been fixed in software updates, and CISA has ordered federal agencies to remediate them by May 23, 2025.
U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog
Pierluigi Paganini, a renowned security expert, recently reported that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities, CVE-2025-34028 and CVE-2024-58136, are path traversal vulnerabilities in Commvault Command Center and Yii Framework, respectively.
The first vulnerability, CVE-2025-34028, is a critical path traversal flaw in the Commvault Command Center Innovation Release that can be exploited by uploading crafted ZIP files. According to Orange Cyberdefense's CSIRT, this vulnerability can result in Remote Code Execution (RCE) on the target server. The issue affects Command Center Innovation Release 11.38.
The second vulnerability, CVE-2024-58136, is a similar path traversal vulnerability in Yii Framework that can be exploited to execute PHP code from a session file. This flaw was fixed with the release of Yii 2.0.52 in April 2024.
In addition to these two vulnerabilities, Orange Cyberdefense also discovered another critical flaw in Craft CMS, CVE-2025-32432, which can be exploited to breach servers and upload a PHP file manager. The attack began with the exploitation of this flaw by sending a crafted request with a "return URL" that was saved in a PHP session file.
Attackers then exploit CVE-2024-58136 in Yii Framework to install a PHP-based file manager, further compromising the server.
Both vulnerabilities have been fixed; the flaw CVE-2025-32432 has been addressed with the release of versions 3.9.15, 4.14.15, and 5.6.17. The development team behind Yii addressed the issue with the release of Yii 2.0.52 in April 2024.
According to a report published by SensePost, Orange Cyberdefense's ethical hacking team, threat actors exploited these vulnerabilities to breach servers and upload a PHP file manager. The attack began with the exploitation of the flaw CVE-2025-32432.
Using the Onyphe asset database, the investigation identified nearly 35,000 Internet-exposed Craft CMS instances. By applying a nuclei template, researchers identified around 13,000 vulnerable instances across approximately 6,300 IP addresses, mostly located in the U.S. Further analysis, based on specific file patterns, found about 300 potentially compromised instances.
Experts also recommend that private organizations review the KEV catalog and address the listed vulnerabilities in their infrastructure.
CISA orders federal agencies to fix the vulnerabilities by May 23, 2025.
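Both the Commvault flaw and many similar bugs belong to the path traversal class in which an uploaded archive is unpacked into a directory the attacker does not control. The page does not describe Commvault's own extraction code; the following is an added, generic example (not from the page, Commvault or Yii) of a ZIP extraction routine that rejects any entry whose name would escape the destination directory, run against constructed sample archives.

```python
import io
import os
import tempfile
import zipfile
from pathlib import Path, PurePosixPath

def unsafe_entries(archive: zipfile.ZipFile, dest: str) -> list[str]:
    """Names of archive entries that would be written outside ``dest``."""
    base = Path(dest).resolve()
    bad = []
    for info in archive.infolist():
        name = info.filename
        # Normalise separators, then reject absolute paths, drive letters and '..' parts.
        p = PurePosixPath(name.replace("\\", "/"))
        if p.is_absolute() or ".." in p.parts or (len(name) > 1 and name[1] == ":"):
            bad.append(name)
            continue
        # Belt and braces: resolve the final path and confirm it still sits under base.
        target = (base / p).resolve()
        if target != base and base not in target.parents:
            bad.append(name)
    return bad

def safe_extract(data: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Extract an in-memory ZIP only if every entry stays under ``dest``; else extract nothing."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        bad = unsafe_entries(zf, dest)
        if bad:  # refuse the whole archive: a partial extraction is still a foothold
            return [], bad
        zf.extractall(dest)
        return zf.namelist(), []

def build_archive(entries: dict[str, bytes]) -> bytes:
    """Build a constructed sample archive with caller-chosen entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()

def check_archives() -> dict:
    """Run a benign and a traversal-laden constructed archive through safe_extract."""
    benign = build_archive({"report/readme.txt": b"ok"})
    hostile = build_archive({"report/readme.txt": b"ok",
                             "../../outside.txt": b"x", "/abs/outside.txt": b"x"})
    with tempfile.TemporaryDirectory() as dest:
        extracted, _ = safe_extract(benign, dest)
        written = os.path.isfile(os.path.join(dest, "report", "readme.txt"))
        _, rejected = safe_extract(hostile, dest)
    return {"extracted": extracted, "written": written, "rejected": rejected}
```

The second, resolve-based check matters on real file systems because symlinked directories inside the destination can also redirect writes outside it.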
In other related news, Ireland's Data Protection Commission (DPC) fined TikTok €530M for sending EU user data to China. This is a significant move towards protecting users' personal data and preventing unauthorized data sharing.
Furthermore, Microsoft recently set all new accounts passwordless by default. This shift towards passwordless authentication aims to improve the security of online accounts and reduce the risk of phishing attacks.
Luxury department store Harrods suffered a cyberattack, highlighting the growing concern for retail sector cybersecurity.
In other news, U.S. CISA added SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog. This addition underscores the importance of keeping software up-to-date with the latest security patches.
CISA also added a VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog. This highlights the need for organizations to regularly monitor their systems for known vulnerabilities and address them promptly.
Additionally, the "Mother of all Breaches", a historic data leak, reveals 26 billion records: check what's exposed. This massive breach highlights the importance of robust cybersecurity measures and the need for organizations to prioritize data protection.
Apple fixed actively exploited zero-day CVE-2024-23222. This fix demonstrates Apple's commitment to patching security vulnerabilities and protecting user data.
“My Slice”, an Italian adaptive phishing campaign, was discovered by researchers. This campaign highlights the evolving nature of phishing attacks and the need for organizations to stay vigilant in protecting against them.
Threat actors exploited Apache ActiveMQ flaw to deliver the Godzilla Web Shell. This attack demonstrates the ongoing threat posed by zero-day vulnerabilities and the importance of regularly updating software with the latest security patches.
Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web. This highlights the ongoing issue of personal data theft and the need for organizations to prioritize data protection.
Attackers targeted Apache Hadoop and Flink to deliver cryptominers. This attack shows that exposed big-data platforms are attractive targets for cryptomining malware.
Apple fixed a bug in Magic Keyboard that allowed monitoring of Bluetooth traffic. This fix demonstrates Apple's commitment to patching security vulnerabilities and protecting user data.
Security Affairs newsletter Round 455 by Pierluigi Paganini - INTERNATIONAL EDITION was recently published. This newsletter highlights the latest cybersecurity news and updates from around the world.
Admin of the BreachForums hacking forum sentenced to 20 years supervised release. This sentence demonstrates the ongoing concern for cybercrime and the importance of holding individuals accountable for their actions.
VF Corp December data breach impacts 35 million customers. This highlights the growing concern for retail sector cybersecurity and the need for organizations to prioritize data protection.
China-linked APT UNC3886 exploits VMware zero-day since 2021. This attack demonstrates the ongoing threat posed by nation-state actors and the importance of regularly updating software with the latest security patches.
Ransomware attacks break records in 2023: the number of victims rose by 128%. This highlights the growing concern for ransomware attacks and the need for organizations to prioritize cybersecurity measures.
U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082. This warning underscores the importance of regularly monitoring systems for known vulnerabilities and addressing them promptly.
The Quantum Computing Cryptopocalypse - I'll Know It When I See It. This article highlights the growing concern for quantum computing and its potential impact on cybersecurity.
Kansas State University suffered a serious cybersecurity incident. This highlights the ongoing concern for higher education sector cybersecurity and the need for organizations to prioritize data protection.
CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog. This addition underscores the importance of keeping software up-to-date with the latest security patches.
Google TAG warns that Russian COLDRIVER APT is using a custom backdoor. This warning highlights the ongoing threat posed by nation-state actors and the need for organizations to prioritize cybersecurity measures.
PixieFail: Nine flaws in the UEFI open-source reference implementation could have severe impacts. This article highlights the growing concern over firmware-level vulnerabilities and their potential for severe impact.
The iShutdown lightweight method allows discovery of spyware infections on iPhones. This discovery underscores the ongoing concern for mobile device security and the need for organizations to prioritize data protection.
A pro-Russia group hit Swiss government sites after Zelensky's visit to Davos. This attack demonstrates the ongoing threat posed by politically motivated groups targeting government websites.
GitHub rotated credentials after the discovery of a vulnerability. This rotation highlights the importance of prioritizing cybersecurity measures and regularly monitoring systems for known vulnerabilities.
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation. This warning underscores the ongoing concern for cybercrime and the need for organizations to prioritize data protection.
Citrix warns admins to immediately patch NetScaler for actively exploited zero-days. This patching demonstrates Citrix's commitment to protecting its customers' systems from known vulnerabilities.
Google fixed the first actively exploited Chrome zero-day of 2024. This fix highlights Google's commitment to patching security vulnerabilities and protecting user data.
Atlassian fixed critical RCE in older Confluence versions. This fix underscores Atlassian's commitment to protecting its customers' systems from known vulnerabilities.
VMware fixed a critical flaw in Aria Automation. Patch it now! This patching demonstrates VMware's commitment to protecting its customers' systems from known vulnerabilities.
Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws. This warning highlights the ongoing concern for cybercrime and the need for organizations to prioritize data protection.
Experts warn of a vulnerability affecting Bosch BCC100 Thermostat. This vulnerability underscores the growing concern for IoT devices and their potential vulnerability to malware.
Over 178,000 SonicWall next-generation firewalls (NGFW) exposed online are vulnerable to attack. This highlights the ongoing concern for network security and the need for organizations to prioritize data protection.
The Phemedrone info stealer campaign exploits a Windows SmartScreen bypass. This exploitation demonstrates the ongoing threat posed by zero-day vulnerabilities and the importance of regularly updating software with the latest security patches.
Balada Injector continues to infect thousands of WordPress sites. This highlights the growing concern for content management system (CMS) security and the need for organizations to prioritize data protection.
Security Affairs newsletter Round 454 by Pierluigi Paganini - INTERNATIONAL EDITION was recently published. This newsletter highlights the latest cybersecurity news and updates from around the world.
GitLab fixed a critical zero-click account hijacking flaw. This fix underscores GitLab's commitment to protecting its customers' systems from known vulnerabilities.
Juniper Networks fixed a critical RCE bug in its firewalls and switches. This patching demonstrates Juniper's commitment to protecting its customers' systems from known vulnerabilities.
Vast voter data leaks cast a shadow over Indonesia's 2024 presidential election. This highlights the ongoing concern for election security and the need for organizations to prioritize data protection.
Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467. This proof-of-concept highlights the growing concern for enterprise software vulnerabilities and the importance of regularly updating software with the latest security patches.
Team Liquid’s wiki leak exposes 118K users. This leak underscores the ongoing concern for online community security and the need for organizations to prioritize data protection.
CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog. This addition highlights the importance of keeping software up-to-date with the latest security patches.
Two zero-day bugs in Ivanti Connect Secure actively exploited. This exploitation demonstrates the ongoing threat posed by zero-day vulnerabilities and the importance of regularly updating software with the latest security patches.
The X account of leading cybersecurity firm Mandiant was hacked because it was not adequately protected. This hack highlights that even cybersecurity firms are vulnerable to attacks on their own accounts.
Cisco fixed critical Unity Connection vulnerability CVE-2024-20272. This fix demonstrates Cisco's commitment to protecting its customers' systems from known vulnerabilities.
A ShinyHunters member was sentenced to three years in prison. This sentence shows that members of cybercrime groups such as ShinyHunters are being held accountable for their actions.
HMG Healthcare disclosed a data breach. This highlights the growing concern for healthcare sector cybersecurity and the need for organizations to prioritize data protection.
Threat actors hacked the X account of the Securities and Exchange Commission (SEC) and announced a fake Bitcoin ETF approval. This attack demonstrates the risk of social-media account compromise and the damage that false official announcements can cause.
Decryptor for Tortilla variant of Babuk ransomware released. This release highlights the ongoing concern for ransomware attacks and the need for organizations to prioritize data protection.
Microsoft Patch Tuesday for January 2024 fixed 2 critical flaws. This patching demonstrates Microsoft's commitment to protecting its customers' systems from known vulnerabilities.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Latest-Exploited-Vulnerabilities-A-Growing-Concern-for-Cybersecurity-ehn.shtml
https://securityaffairs.com/177367/hacking/u-s-cisa-adds-yii-framework-and-commvault-command-center-flaws-to-its-known-exploited-vulnerabilities-catalog.html
https://www.cisa.gov/news-events/alerts/2025/05/02/cisa-adds-two-known-exploited-vulnerabilities-catalog
https://nvd.nist.gov/vuln/detail/CVE-2025-34028
https://www.cvedetails.com/cve/CVE-2025-34028/
https://nvd.nist.gov/vuln/detail/CVE-2024-58136
https://www.cvedetails.com/cve/CVE-2024-58136/
https://nvd.nist.gov/vuln/detail/CVE-2023-35082
https://www.cvedetails.com/cve/CVE-2023-35082/
https://nvd.nist.gov/vuln/detail/CVE-2024-23222
https://www.cvedetails.com/cve/CVE-2024-23222/
https://nvd.nist.gov/vuln/detail/CVE-2024-20272
https://www.cvedetails.com/cve/CVE-2024-20272/
https://nvd.nist.gov/vuln/detail/CVE-2023-51467
https://www.cvedetails.com/cve/CVE-2023-51467/
Published: Sat May 3 07:18:22 2025 by llama3.2 3B Q4_K_M