相關新聞 | HKCERT

Hackers Launch Widespread Attacks on Palo Alto GlobalProtect Portals from 7,000+ IPs

In an escalating campaign targeting remote access infrastructure, threat actors have initiated active exploitation attempts against Palo Alto Networks’ GlobalProtect VPN portals. GrayNoise tracking activity report scans and exploitation efforts originating from more than 7,000 unique IP addresses worldwide, raising alarms for organizations relying...

Cyber Security News 2025年12月07日 769 觀看次數

CISA and NSA Warns of BRICKSTORM Malware Attacking VMware ESXi and Windows Environments

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Canadian Centre for Cyber Security (Cyber Centre) issued a joint advisory today, warning of a sophisticated new malware campaign orchestrated by People’s Republic of China (PRC...

Cyber Security News 2025年12月05日 811 觀看次數

Hackers are exploiting ArrayOS AG VPN flaw to plant webshells

Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users....

Bleepingcomputer 2025年12月05日 803 觀看次數

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as CVE-2025-55182, carries a CVSS score of 10.. It allows...

The Hacker News 2025年12月04日 843 觀看次數

Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application (HTA) files and PDFs to propagate via WhatsApp a worm that deploys a banking trojan in attacks targeting users in Brazil. ...

The Hacker News 2025年12月03日 792 觀看次數

Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub repositories. [...]

Bleepingcomputer 2025年12月03日 914 觀看次數

SmartTube YouTube app for Android TV breached to push malicious update

The popular open-source SmartTube YouTube client for Android TV was compromised after an attacker gained access to the developer's signing keys, leading to a malicious update being pushed to users. [...]

Bleepingcomputer 2025年12月02日 911 觀看次數

Zendesk users targeted as Scattered Lapsus$ Hunters spin up fake support sites

Scattered Lapsus$ Hunters may be circling Zendesk users for its latest extortion campaign, with new phishing domains and weaponized helpdesk tickets uncovered by ReliaQuest.…

The Register 2025年11月28日 224 觀看次數

New ShadowV2 botnet malware used AWS outage as a test opportunity

A new Mirai-based botnet malware named 'ShadowV2' has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. [...]

Bleepingcomputer 2025年11月27日 310 觀看次數

Qilin RaaS Exposed 1 Million Files and 2 TB of Data Linked to Korean MSP Breach

The “Korean Leaks” campaign has emerged as one of the most sophisticated supply chain attacks targeting South Korea’s financial sector in recent memory. This operation combined the capabilities of the Qilin Ransomware-as-a-Service (RaaS) group with potential involvement...

Cyber Security News 2025年11月27日 405 觀看次數