Cybersecurity

Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits 

Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits 

The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure.
“The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script that

Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack 

Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack 

Threat intelligence firm GreyNoise is warning of a “coordinated surge” in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms.
“At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” the company said, adding it observed the activity on March 9, 2025.
The countries which

Pentesters: Is AI Coming for Your Role? 

Pentesters: Is AI Coming for Your Role? 

We’ve been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost, Jobs Gained: Workforce Transitions in a Time of Automation, predicting that by 2030, 375 million workers would need to find new jobs or risk being displaced by AI and automation. Queue the anxiety. 
There have been ongoing whispers about what roles would be

URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days 

URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days 

Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild.
Of the 56 flaws, six are rated Critical, 50 are rated Important, and one is rated Low in severity. Twenty-three of the addressed vulnerabilities are remote code execution bugs and 22 relate to privilege

Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks 

Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks 

Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in “extremely sophisticated” attacks.
The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component.
It has been described as an out-of-bounds write issue that could allow an attacker to craft malicious web content such that it

Alleged Co-Founder of Garantex Arrested in India 

Alleged Co-Founder of Garantex Arrested in India 

Authorities in India today arrested the alleged co-founder of Garantex, a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigation told KrebsOnSecurity the Lithuanian national Aleksej Besciokov, 46, was apprehended while vacationing on the coast of India with his family.

The AI Fix #41: Can AIs be psychopaths, and why we should be AI optimists 

The AI Fix #41: Can AIs be psychopaths, and why we should be AI optimists 

In episode 41 of the AI Fix, our hosts learn that society needs to be completely reordered by December, Grok accuses Trump of being a Russian asset, Graham discovers that parents were wrong about computer games all along, and Mark wonders if a kung-fu kicking robot from Unitree is the hero that we need.

Graham gives an AI a Rorschach test and learns about “Norman” the psychopathic AI, and Mark discovers why we should actually be optimistic about AI.

Plus – don’t miss our featured interview with Marc Beckman, the author of “Some future day: How AI is going to change everything.”

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks 

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks 

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024.
“The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates,” Check Point said in a new analysis.
“More than 1,600 victims were affected during one of

Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices 

Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices 

Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.
“The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with

NEW CUSTOMERS CALL TODAY: 720.221.6804  |  EXISTING CUSTOMERS REQUIRING SUPPORT: 303.617.6442

X