OttoKit Flaw Allows Admin Account Creation
A severe vulnerability, CVE-2025-3102, was discovered in the OttoKit (formerly SureTriggers) plugin for WordPress. This flaw, an authorization bypass,
Tag: Cyber Alerts 2025
Malicious npm Package Targets Crypto Wallets
A new attack targeting cryptocurrency users has emerged through the npm registry, where threat actors upload malicious packages. These packages,
Jenkins Docker Vulnerability Exposes Network
A recent vulnerability in Jenkins Docker images has raised concerns over network security. This vulnerability, caused by the reuse of SSH host keys
CISA Adds Critical Linux Kernel Flaws to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
SSRF Exploits Target AWS EC2 Instances
A recent targeted campaign leveraged Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances. This allowed attackers
AkiraBot Spams 80K Sites Using AI Messages
AkiraBot is an AI-powered spamming framework that has targeted over 80,000 websites since its inception in September 2024.
Hackers Exploit Gladinet CentreStack Flaw
Hackers have exploited a zero-day vulnerability in Gladinet CentreStack’s file-sharing software since March 2025. This flaw, identified as CVE-2025-30406,
APT32 Targets Chinese Cybersecurity
APT32, also known as OceanLotus, has launched a sophisticated cyberattack using GitHub to target Chinese cybersecurity professionals.
CatB Ransomware Uses MSDTC for Payload
CatB ransomware, identified in late 2022, has emerged as a sophisticated threat to cybersecurity. Known for its stealthy payload execution
RansomEXX Exploits Windows Zero-Day Flaw
Microsoft disclosed the exploitation of a security vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824,
© 2025 | CyberMaterial | All rights reserved