GreyNoise Intelligence Releases New Research on Cybersecurity Vulns

Blog

Byadmblake March 4, 2025

Post Content

Blog

Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits

The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. “The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script…

Read More Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
Blog

Vulnerability in Zyxel Network Attached Storage (NAS) Devices

FortiGuard Labs is aware of a newly disclosed vulnerability in Zyxel network attached storage (NAS) devices in an advisory published today by CERT/CC. Multiple Zyxel devices contain a pre authentication command injection vulnerability, which may allow a remote unauthenticated attacker to execute arbitrary code on the device. The vulnerability was reported by security journalist Brian…

Read More Vulnerability in Zyxel Network Attached Storage (NAS) Devices
Blog

New AI Challenges Will Test CISOs & Their Teams in 2025

CISOs need to recognize the new threats AI can present — while also embracing AI-powered solutions to stay ahead of those threats.

Read More New AI Challenges Will Test CISOs & Their Teams in 2025
Blog

GitHub’s AI Assistant Opened Devs to Code Theft

Even after a fix was issued, lingering prompt injection risks in GitLab’s AI assistant might allow attackers to indirectly deliver developers malware, dirty links, and more.

Read More GitHub’s AI Assistant Opened Devs to Code Theft
Blog

Windows CLFS Driver Elevation of Privilege

What is the Vulnerability?A zero-day vulnerability has recently been identified in the Common Log File System (CLFS) kernel driver. CLFS is a general-purpose logging subsystem within the Windows operating system that provides a high-performance way to store log data for various applications. If successfully exploited, an attacker operating under a standard user account can elevate…

Read More Windows CLFS Driver Elevation of Privilege
Blog

RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances. “RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, RESURGE contains distinctive commands that

Read More RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features

Related