In recent months, cybersecurity researchers have observed a surge in targeted campaigns by a sophisticated Chinese APT group leveraging commercial proxy and VPN services to mask their attack infrastructure. The emergence of this tactic coincides with a broader shift toward commoditized anonymization platforms that blend threat actor traffic with legitimate user activity. Initial compromise vectors
A comprehensive security analysis of vtenext CRM version 25.02 has revealed multiple critical vulnerabilities that allow unauthenticated attackers to bypass authentication mechanisms through three distinct attack vectors, ultimately leading to remote code execution on target systems. The Italian CRM solution, utilized by numerous small and medium enterprises across Italy, faces significant security exposure despite attempted
Among the variety of cyber-attacks that we witness happening around us, Zero-day attacks are remarkably insidious in nature. Due to the fact that these attacks exploit the unknown vulnerabilities, zero-day...
Over the past year, security teams have observed an uptick in adversaries leveraging native Windows Scheduled Tasks to maintain footholds in compromised environments. Unlike elaborate rootkits or zero-day exploits, these techniques exploit built-in system functionality, enabling threat actors to persist without deploying additional binaries or complex toolchains. By integrating malicious commands directly into Task Scheduler
The Arch Linux Project has officially confirmed that its primary infrastructure services have been subjected to an ongoing distributed denial-of-service (DDoS) attack that has persisted for over a week. The attack severely impacted user access to critical resources, including the main website, Arch User Repository (AUR), and community forums. Key Takeaways1. A week-long DDoS has
Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the upper hand. For leaders, this means defense isn't just a matter of firewalls and patches - it's about strategy. The strongest organizations aren't the ones with the most tools, but the ones that see how cyber risks connect to business
A sophisticated obfuscation technique that threat actors are using to bypass detection systems and exploit Python's eval() and exec() functions for malicious code execution. With over 100 supply chain attacks reported on PyPI in the past five years, these techniques pose a significant risk to organizations relying on Python packages. Key Takeaways1. Hackers hide malicious
Security Information and Event Management (SIEM) systems act as the primary tools for detecting suspicious activity in enterprise networks, helping organizations identify and respond to potential attacks in real time. However, the new Picus Blue Report 2025, based on over 160 million real-world attack simulations, revealed that organizations are only detecting 1 out of 7 simulated attacks,
For the latest discoveries in cyber research for the week of 25th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES US pharmaceutical company Inotiv has experienced a ransomware attack that resulted in the unauthorized access and encryption of certain systems and data. The Qilin ransomware gang claimed responsibility and alleged the theft
Today we will cover a powerful, easy to use, autonomous agent called Manus. Manus is developed by the Chinese startup Butterfly Effect, headquartered in Singapore. This post demonstrates an end-to-end indirect prompt injection attack leading to a compromise of Manus' dev box. This is achieved by tricking Manus to expose it's internal VS Code Server to the Internet, and then sharing the URL and password with the atacker. Specifically, this post demonstrates that:
submitted by /u/Realistic_Truth_7030 [link] [comments]
Hey everyone, I've recently been tasked with building a vulnerability management program from zero at my company, and I'd love to hear how others here have structured theirs. For context, we have a mid to large scale IT operations system including Cloud, Endpoint, Compliance, SOC, IAM, etc. and the current plan is to build the process top-down. My focus will be to create a baseline + questionnaire (5 - 10 questions for each stakeholder team) to capture expectations, develop an Incident...
A detailed proof-of-concept exploit and comprehensive vulnerability analysis have been released for CVE-2025-43300, a critical zero-click remote code execution flaw affecting Apple's image processing infrastructure. The vulnerability, discovered in Apple's implementation of JPEG Lossless Decompression within the RawCamera.bundle, allows attackers to achieve code execution without any user interaction through maliciously crafted DNG (Digital Negative) files.
A sophisticated credential harvesting campaign has emerged, exploiting the trusted reputation of SendGrid to deliver phishing emails that successfully bypass traditional email security gateways. The attack leverages SendGrid's legitimate cloud-based email service platform to create authentic-looking communications that target unsuspecting users across multiple organizations. The campaign employs a multi-faceted approach, utilizing three distinct email themes
arXiv:2503.00038v4 Announce Type: replace-cross Abstract: Current studies have exposed the risk of Large Language Models (LLMs) generating harmful content by jailbreak attacks. However, they overlook that the direct generation of harmful content from scratch is more difficult than inducing LLM to calibrate benign content into harmful forms. In our study, we introduce a novel attack framework that exploits AdVersArial meTAphoR (AVATAR) to induce the LLM to calibrate malicious metaphors for...
arXiv:2405.15089v4 Announce Type: replace Abstract: In a Proof-of-Work blockchain such as Bitcoin mining hashrate is increasing in the block reward. An increase in hashrate reduces network vulnerability to attack (a reduction in security cost) while increasing carbon emissions and electricity cost (an increase in externalities cost). This implies a tradeoff in total cost at different levels of hashrate and the existence of a hashrate interval where total cost is minimized. Targeted Nakamoto is...
arXiv:2508.16406v1 Announce Type: new Abstract: Large Language Models (LLMs) remain vulnerable to jailbreak attacks, which attempt to elicit harmful responses from LLMs. The evolving nature and diversity of these attacks pose many challenges for defense systems, including (1) adaptation to counter emerging attack strategies without costly retraining, and (2) control of the trade-off between safety and utility. To address these challenges, we propose Retrieval-Augmented Defense (RAD), a novel...
arXiv:2508.16202v1 Announce Type: new Abstract: This paper studies proof-of-work Nakamoto consensus under bounded network delays, settling two long-standing questions in blockchain security: How can an adversary most effectively attack block safety under a given block confirmation latency? And what is the resulting probability of safety violation? A Markov decision process (MDP) framework is introduced to precise characterize the system state (including the tree and timings of all blocks...
arXiv:2508.16133v1 Announce Type: new Abstract: Sensors are fundamental to cyber-physical systems (CPS), enabling perception and control by transducing physical stimuli into digital measurements. However, despite growing research on physical attacks on sensors, our understanding of sensor hardware vulnerabilities remains fragmented due to the ad-hoc nature of this field. Moreover, the infinite attack signal space further complicates threat abstraction and defense. To address this gap, we...
arXiv:2508.15934v1 Announce Type: new Abstract: Backdoor attacks pose a significant threat to the integrity of text classification models used in natural language processing. While several dirty-label attacks that achieve high attack success rates (ASR) have been proposed, clean-label attacks are inherently more difficult. In this paper, we propose three sample selection strategies to improve attack effectiveness in clean-label scenarios: Minimum, Above50, and Below50. Our strategies identify...