Multiple Groups Exploit NTLM Flaw in Microsoft Windows

Blog

Byadmblake April 16, 2025

The attacks have been going on since shortly after Microsoft patched the vulnerability in March.

Blog

Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts

Cloudflare on Wednesday said it detected and mitigated the largest ever distributed denial-of-service (DDoS) attack that measured at 29.7 terabits per second (Tbps). The activity, the web infrastructure and security company said, originated from a DDoS botnet-for-hire known as AISURU, which has been linked to a number of hyper-volumetric DDoS attacks over the past year….

Read More Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts
Blog

Moving CVEs past one-nation control

A near-miss episode of attempted defunding spotlights a need for a better way

Read More Moving CVEs past one-nation control
Blog

Chopping AI Down to Size: Turning Disruptive Technology into a Strategic Advantage

Most people know the story of Paul Bunyan. A giant lumberjack, a trusted axe, and a challenge from a machine that promised to outpace him. Paul doubled down on his old way of working, swung harder, and still lost by a quarter inch. His mistake was not losing the contest. His mistake was assuming that…

Read More Chopping AI Down to Size: Turning Disruptive Technology into a Strategic Advantage
Blog

Trimble Cityworks Remote Code Execution Attack

What is the Attack?Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services (IIS) web server, potentially resulting in downtime and potential loss of service. According to Trimble Cityworks website, it provides a Geographic Information System (GIS)-centric solution for…

Read More Trimble Cityworks Remote Code Execution Attack
Blog

Complex VoidLink Linux Malware Created by AI

Researchers say the advanced framework was built almost entirely by agents, marking a significant evolution in the use of AI to develop wholly original malware.

Read More Complex VoidLink Linux Malware Created by AI
Blog

Zimbra Collaboration Local File Inclusion

A Local File Inclusion (LFI) vulnerability (CVE-2025-68645) exists in the Zimbra Collaboration Suite (ZCS) Webmail Classic UI due to improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft malicious requests, potentially exposing sensitive configuration and application data and aiding further compromise.

Read More Zimbra Collaboration Local File Inclusion

Related