CVE-2025-2492 impacts ASUS AiCloud Routers

CVE-2025-2492 impacts ASUS AiCloud Routers

CVE-2025-2492 is a critical authentication bypass vulnerability affecting ASUS routers with AiCloud enabled. This flaw allows remote attackers to execute unauthorized functions on vulnerable devices without authentication, posing a significant…
IronHusky APT deploys MysterySnail APT

IronHusky APT deploys MysterySnail APT

IronHusky APT, a China-linked cyber espionage group, has resurfaced with an evolved version of its MysterySnail RAT, targeting government organizations in Russia and Mongolia. Leveraging malicious MMC scripts, the campaign…
Operation ForumTroll Detailed out

Operation ForumTroll Detailed out

Operation ForumTroll is a sophisticated Advanced Persistent Threat (APT) campaign that exploits a zero-day vulnerability (CVE-2025-2783) in Google Chrome. This operation was uncovered in March 2025 and is believed to…
CVE-2025-24054 Critical NTLM Hash Flaw

CVE-2025-24054 Critical NTLM Hash Flaw

CVE-2025-24054 is a high-severity NTLM authentication vulnerability that allows attackers to leak NTLMv2-SSP (Security Support Provider) hashes through spoofing techniques. The exploitation relies on maliciously crafted .library-ms files, which can…
CVE-2025-3608 impacts Mozilla Firefox

CVE-2025-3608 impacts Mozilla Firefox

CVE-2025-3608 is a high-severity vulnerability identified in Mozilla Firefox that arises due to a race condition within the nsHttpTransaction component. This flaw could lead to memory corruption, potentially resulting in…
CVE-2025-24859 impacts Apache Roller

CVE-2025-24859 impacts Apache Roller

CVE-2025-24859 is a critical security vulnerability found in Apache Roller, an open-source Java-based blogging platform. This flaw impacts session management, allowing unauthorized session persistence even after a user resets their…