Search results for java-attackers-and-response | Breaking Cybersecurity News | The Hacker News

In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and Response (ADR) technology effectively safeguards against such zero-day threats. View the Contrast ADR white paper The anatomy of a modern application attack: Log4Shell To illustrate the complexity and severity of modern application attacks, let's examine an attack against the infamous Log4Shell vulnerability ( CVE-2021-44228 ) that sent shockwaves through the cybersecurity world in late 2021. This attack is a prime example of attack chaining, leveraging JNDI Injection, Expression Language (EL) Injection and Command Injection. Technology note : The CVE program catalogs, which publicly...

Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day. Hackers don't need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough. This week, we trace how simple oversights turn into major breaches — and the silent threats most companies still underestimate. Let's dive in. ⚡ Threat of the Week UNC5221 Exploits New Ivanti Flaw to Drop Malware — The China-nexus cyber espionage group tracked as UNC5221 exploited a now-patched flaw in Ivanti Connect Secure, CVE-2025-22457 (CVSS score: 9.0), to deliver an in-memory dropper called TRAILBLAZE, a passive backdoor codenamed BRUSHFIRE, and the SPAWN malware suite. The vulnerability was originally patched by Ivanti on February 11, 2025, indicating that the threat actors studied the patch a...

Every week, the cyber world reminds us that silence doesn't mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done. This week's edition looks at how attackers are changing the game — linking different flaws, working together across borders, and even turning trusted tools into weapons. From major software bugs to AI abuse and new phishing tricks, each story shows how fast the threat landscape is shifting and why security needs to move just as quickly. ⚡ Threat of the Week Dozens of Orgs Impacted by Exploitation of Oracle EBS Flaw — Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite (EBS) software since August 9, 2025, according to Google Threat Intelligence Group (GTIG) and Mandiant. The activity, which bears some hallmarks associated with the Cl0p ransomware crew, is assessed to have fashio...

It's easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn't just patching fast, but watching smarter and staying alert for what you don't expect. Here's a quick look at this week's top threats, new tactics, and security stories shaping the landscape. ⚡ Threat of the Week F5 Exposed to Nation-State Breach — F5 disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP's source code and information related to undisclosed vulnerabilities in the product. The company said it learned of the incident on August 9, 2025, although it's believed that the attackers were in its network for at least 12 months. The attackers are said to have used a malware family called BRICKSTORM, which is attributed to a China-nexus espionage group dubbed UNC5221. GreyNoise said it observed elevat...

This week, cyber attackers are moving quickly, and businesses need to stay alert. They're finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control of your systems. The clock is ticking—if defenses aren't updated regularly, it could lead to serious damage. The message is clear: don't wait for an attack to happen. Take action now to protect your business. Here's a look at some of the biggest stories in cybersecurity this week: from new flaws in WinRAR and NVIDIA Triton to advanced attack techniques you should know about. Let's get into the details. ⚡ Threat of the Week Trend Micro Warns of Actively Exploited 0-Day — Trend Micro has released temporary mitigations to address critical security flaws in on-premise versions of Apex One Management Console that it said have been exploited in the wild. The vulnerabilities (CVE-2025-54948 and CVE-2025-54987),...

This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking in everyday devices, there's a lot that might have flown under your radar. Attackers are adapting old tricks, uncovering new ones, and targeting systems both large and small. Meanwhile, law enforcement has scored wins against some shady online marketplaces, and technology giants are racing to patch problems before they become a full-blown crisis. If you've been too busy to keep track, now is the perfect time to catch up on what you may have missed. ⚡ Threat of the Week Cleo Vulnerability Comes Under Active Exploitation — A critical vulnerability (CVE-2024-50623) in Cleo's file transfer software—Harmony, VLTrader, and LexiCom—has been actively exploited by cybercriminals , creating major security risks for organizations worldwide. The flaw enables attackers to execute code remotely without authorization...

As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection techniques, and supply chain compromises affecting hundreds of thousands of websites forced a fundamental rethink of defensive strategies. Here are the five threats that reshaped web security this year, and why the lessons learned will define digital protection for years to come. 1. Vibe Coding Natural language coding, " vibe coding " , transformed from novelty to production reality in 2025, with nearly 25% of Y Combinator startups using AI to build core codebases. One developer launched a multiplayer flight simulator in under three hours, eventually scaling it to 89,000 players and generating thousands in monthly revenue. The Result Code that functions perfectly yet contains exploitable flaws, bypassing traditional security tools. AI generates what you ask for, not what you forget...

The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today's security landscape. Whether you're defending systems or just keeping up, these highlights help you spot what's coming before it lands on your screen. ⚡ Threat of the Week Oracle 0-Day Under Attack — Threat actors with ties to the Cl0p ransomware group have exploited a zero-day flaw in E-Business Suite to facilitate data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise and take control of the Oracle Concurrent Processing component. In a post shared on LinkedIn, Charles Carmakal, CTO of Mandiant at Google Cloud, said "Cl0p exploited multiple vulnerabilities in Ora...

Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company's website, more than two billion SIMs in IoT devices have been enabled as of December 2020. The findings come from Security Explorations, a research lab of AG Security Research company. Kigen awarded the company a $30,000 bounty for their report. An eSIM, or embedded SIM, is a digital SIM card that's embedded directly into a device as software installed onto an Embedded Universal Integrated Circuit Card (eUICC) chip. eSIMs allow users to activate a cellular plan from a carrier without the need for a physical SIM card. eUICC software offers the ability to change operator profiles, remote provisioning, and management of SIM profiles. "The eUICC card makes it possible to install the so-called eSIM profiles into the target chi...

A cybersecurity researcher at Tenable has discovered multiple security vulnerabilities in Verizon Fios Quantum Gateway Wi-Fi routers that could allow remote attackers to take complete control over the affected routers, exposing every other device connected to it. Currently used by millions of consumers in the United States, Verizon Fios Quantum Gateway Wi-Fi routers have been found vulnerable to three security vulnerabilities, identified as CVE-2019-3914, CVE-2019-3915, and CVE-2019-3916. The flaws in question are authenticated command injection (with root privileges), login replay , and password salt disclosure vulnerabilities in the Verizon Fios Quantum Gateway router (G1100), according to technical details Chris Lyne, a senior research engineer at Tenable, shared with The Hacker News. Authenticated Command Injection Flaw (CVE-2019-3914) When reviewing the log file on his router, Chris noticed that the "Access Control" rules in the Firewall settings, availabl...

Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed before it was discovered. The past couple of months have had security teams scrambling to patch the Log4Shell vulnerability found in Apache Log4j, a Java library widely used to log error messages in applications. Beyond patching, it's helpful and instructive for security practitioners to have a deeper understanding of this most recent critical vulnerability. Fortunately, Cynet Senior Security Researcher Igor Lahav is hosting a webinar [ Register here ] to provide "buzzword free" insights into Log4Shell. Based on a webinar preview provided by Cynet, the discussion will cover the software bugs in Apache Log4j that permitted the critical vulnerability, the exploits used to take advantage of the vulnerabilities and the remediation options available to protect your organization. This webinar will help make sense of the so...