#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Security Service Edge

Search results for Java Runtime Environment (JRE) - Oracle cve | Breaking Cybersecurity News | The Hacker News

Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

May 14, 2025 Endpoint Security / Vulnerability
Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild. Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them are privilege escalation bugs, and 16 others are classified as information disclosure flaws. The updates are in addition to eight more security defects patched by the company in its Chromium-based Edge browser since the release of last month's Patch Tuesday update . The five vulnerabilities that have come under active exploitation in the wild are listed below - CVE-2025-30397 (CVSS score: 7.5) - Scripting Engine Memory Corruption Vulnerability CVE-2025-30400 (CVSS score: 7.8) - Microsoft Desktop Window Manager (DWM) Core Library Elevation of Privilege Vulnerability CVE-2025-3270...
Java-Bot, a Cross-platform malware launching DDoS attacks from infected computers

Java-Bot, a Cross-platform malware launching DDoS attacks from infected computers

Jan 29, 2014
These days botnets are all over the news. In simple terms, a botnet is a group of computers networked together, running a piece of malicious software that allows them to be controlled by a remote attacker. A major target for most of the malware is still Windows, but the growing market of Mac OS X, Linux and Smartphones, is also giving a solid reason to cyber criminals to focus. Recently, Kaspersky Lab has detected another cross-platform Java-Bot , capable of infecting computers running Windows, Mac OS X, and Linux that has Java Runtime Environment installed. Last year, Zoltan Balazs - CTO at MRG Effitas submitted the samples of malicious Java application for analysis to Kaspersky Lab and they identified it as HEUR : Backdoor.Java.Agent.a . According to researchers, to compromise computers, Java-Bot is exploiting a previously known critical Java vulnerability CVE-2013-2465 that was patched in last June. The vulnerability persists in Java 7 u21 and earlier vers...
Popular Resources
Articles
Your AI Code Assistant Might Be Spying on You — Here's Proof
Articles
Your Google Workspace May Fail Compliance—Get a Free Risk Report
Articles
Before Your Next Audit: Discover Every App You've Missed — Try Orchid Today
Articles
Your JavaScript May Be Leaking Secrets You Don't Know About
Expert Insights Articles Videos
Cybersecurity Resources