THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
Briefly

A newly discovered critical vulnerability in Ivanti Connect Secure appliances, CVE-2025-0282 (CVSS score 9.0), has been exploited since mid-December 2024. Mandiant found that the flaw, a stack-based buffer overflow, could allow unauthenticated remote code execution and has led to deployments of various malware, including SPAWNANT and SPAWNMOLE, hinting at coordinated attacks by multiple threat groups, including the China-linked UNC5337.
Microsoft is pursuing legal action against an unidentified foreign threat-actor group accused of misusing stolen Azure API keys and customer Entra ID authentication information to breach its systems. The intent was to access Azure OpenAI Service to create harmful content and to monetize that access through illegal channels. The case spotlights the emerging threat of "hacking-as-a-service", in which individuals build infrastructure that others use to exploit similar vulnerabilities.
Read at The Hacker News