The following advisories/alerts from Novacoast are intended to brief users and administrators on newly discovered threats, vulnerabilities, and critical software updates.
Weekly Top 10: 05.26.2025: Botnets Disrupted Worldwide… Operation Endgame Is Back; Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks; M&S’ $400 Million Cyberattack Upheaval to Linger Into July; and More.
Botnets Disrupted Worldwide… Operation Endgame Is Back; Chinese Hackers Exploit Ivanti EPMM Bugs in Global…
Weekly Top 10: 05.19.2025: Two 0-Day Exploits in Ivanti Endpoint Management Used in the Wild; Windows 10 Updates Cause Bootlocker Encryption; AI Vishing Campaign Impersonates Government Officials; and More.
Two 0-Day Exploits in Ivanti Endpoint Management Used in the Wild; Windows 10 Updates Cause Bootlocker Encryption; AI…
Weekly Top 10: 05.12.2025: Critical Code Execution Flaw Patched in LangFlow; CISA Warns Threat Actors are Targeting Energy and Transportation Systems Sectors, Google Patches Zero-Click RCE Flaw on Android, and More.
Critical Code Execution Flaw Patched in LangFlow; CISA Warns Threat Actors are Targeting Energy and Transportation…
Weekly Top 10: 05.05.2025: Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service Takeover, Gremlin Stealer: New Stealer on Sale in Underground Forum, and More.
Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service…
Weekly Top 10: 04.21.2025: ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, ‘Mustang Panda’ Employs Four New Attack Tools, and More.
ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, 'Mustang Panda' Employs…
Weekly Top 10: 04.14.2025: Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm Targets Foreign Military Mission Based in Ukraine, and More.
Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm…
Weekly Top 10: 04.07.2025: Oracle QR Codes on the Rise in Phishing Attempts, Partially Confirms Data Breach, Hackers Skim Credit Cards Online Using the Stripe API, and More.
Oracle QR Codes on the Rise in Phishing Attempts, Partially Confirms Data Breach, Hackers Skim Credit Cards Online…
Weekly Top 10: 03.31.2025: QWCrypt Ransomware Targets Hyper-V, Weaver Ant In Zyxel Routers, Kubernetes IngressNightmare, and More.
QWCrypt ransomware specifically designed to encrypt data on Hyper-V virtual machines, Weaver Ant threat group…
Weekly Top 10: 03.24.2025: Semrush Impersonation Scam Hits Google Ads; Detecting and Mitigating Apache Tomcat, VSCode Extensions Found Downloading Early-Stage Ransomware, and More.
Weekly Top 10: 03.24.2025: Semrush Impersonation Scam Hits Google Ads; Detecting and Mitigating Apache Tomcat, VSCode…
Weekly Top 10: 03.17.2025: Meta Warns of Vulnerability in FreeType; ObscureBat Loader Cisco Vulnerability Leads to DoS of BGP Routers, and More.
Weekly Top 10: 03.17.2025: Meta Warns of Vulnerability in FreeType; ObscureBat Loader Cisco Vulnerability Leads to…
Weekly Top 10: 03.10.2025: Microsoft Took Down GitHub Repositories Used in Massive Malvertising Campaign; CISA Warns About Actively Exploited Vulnerabilities Exploited in-the-wild; EncryptHub OPSEC Failures Expose Their Infrastructure, and More.
Weekly Top 10: 03.10.2025: Microsoft Took Down GitHub Repositories Used in Massive Malvertising Campaign; CISA Warns…
Weekly Top 10: 03.03.2025: FBI Confirms Lazarus Hackers Were Behind $1.5B Bybit Crypto Heist; Dropping a 0 day: Parallels Desktop Repack Root Privilege Escalation; Android Trojan TgToxic Updates Its Capabilities, and More.
Weekly Top 10: 03.03.2025: FBI Confirms Lazarus Hackers Were Behind $1.5B Bybit Crypto Heist; Dropping a 0 day:…