JPCERT Confirms Active Command Injection Attacks on Array AG Gateways
Dec 05, 2025Ravie LakshmananVulnerability / Network Security A command injection vulnerability in Array Networks AG Series secure access gateways has...
command
Cisco fixes critical UCCX flaw allowing Root command execution
Cisco fixes critical UCCX flaw allowing Root command execution Pierluigi Paganini November 07, 2025 Cisco patched a critical flaw in...
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control Pierluigi Paganini October 05, 2025 Attackers can weaponize AWS...
U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini May 03,...
Commvault Command Center Vulnerability Allows Remote Code Execution
An important security vulnerability has been revealed in the Commvault Command Center that enables attackers to remotely execute code on...
The MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
Command ID Function cmd_10001 Gather mobile device data (including IMEI, IMSI, serial number, device brand, device model, OS version, memory...
TIDRONE Aims at Military and Satellite Sectors in Taiwan
Upon examining this specimen, we discovered that the command and control (C&C) server was inactive. By analyzing the APIs utilized...
July Sees Microsoft Addressing Four Critical Zero-Day Vulnerabilities
To ensure seamless PowerShell updates, a diagnostic test is now mandatory. Execute the command "import-module Microsoft.powershell.diagnostics – verbose" and ascertain...
