cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, and questions are all welcome!


founded 2 years ago
Off-Topic Friday (self.cybersecurity)
submitted 4 months ago by shellsharks to c/cybersecurity
 
 

Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)

 
 

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

submitted 4 months ago* (last edited 4 months ago) by cm0002@lemmy.world to c/cybersecurity
 
 

A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request.

Hackers are reportedly leveraging proof-of-concept (PoC) exploits that were published on GitHub just 30 hours after the flaw was disclosed last week.

The malicious activity was confirmed by Wallarm security researchers, who warned that traditional security tools fail to detect it as PUT requests appear normal and the malicious content is obfuscated using base64 encoding.

submitted 4 months ago* (last edited 4 months ago) by tonytins@pawb.social to c/cybersecurity
mac.c macOS Stealer (cryptolek.info)
submitted 4 months ago by CryptoLek to c/cybersecurity
 
 

On 14 March 2025, a user “mentalpositive” on XSS Forum posted a thread advertising a new macOS infostealer. Below is the machine translation of the user’s forum post, with minor edits by me (I have copy-pasted just the intro; the rest is on the blog, if interested):

mac.c macOS Stealer is a stealer for devices running the macOS operating system. Works on all system versions starting from macOS Sierra (>10.12.6). Written in C, the build weight at the time of writing the topic is ~140 KB. Both architectures are supported: x64_86, ARM. Collect cookies, passwords, autofills and history from Chromium-based browsers, device information, Telegram session, desktop cryptocurrencies and cryptocurrencies, screenshot and decrypted device keychain. And the ability to change the text in modal windows when a password is requested will make your work even more pleasant!

 
 

The Danish Social Security Agency published a new threat assessment for the cyber threat to the telecommunications sector that highlights the risks for the telecom companies in Europe.

“In this threat assessment, the Danish Agency for Social Security raises the threat level for cyber espionage against the Danish telecommunications sector to HIGH. This is because the extent of cyber espionage against the telecommunications sector in Europe has likely increased.” reads the threat assessment. “Danish telecommunications and internet providers must therefore also be aware of attempted cyber attacks by state hackers.”

 
 

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

Off-Topic Friday (self.cybersecurity)
submitted 5 months ago by shellsharks to c/cybersecurity
 
 

Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)

submitted 5 months ago* (last edited 5 months ago) by tonytins@pawb.social to c/cybersecurity
 
 

In a barebones advisory, Facebook warned that the security defect was found in FreeType versions 2.13.0 and below and provides a pathway for arbitrary code execution attacks.

“This vulnerability may have been exploited in the wild,” Facebook said, without providing any details on the reported attacks. The bug has been tagged as CVE-2025-27363 and carries a CVSS severity score of 8.1 out of 10.

submitted 5 months ago* (last edited 5 months ago) by tonytins@pawb.social to c/cybersecurity
 
 

Microsoft has released the KB5053606 cumulative update for Windows 10 22H2 and Windows 10 21H2, which fixes numerous bugs, including one preventing SSH connections.

The Windows 10 KB5053606 update is mandatory as it contains Microsoft's March 2025 Patch Tuesday security updates, which fix six actively exploited zero-day vulnerabilities.

submitted 5 months ago* (last edited 5 months ago) by tonytins@pawb.social to c/cybersecurity
 
 

Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company's root certificates. [...] Users need to update their browsers to Firefox 128 (released in July 2024) or later and ESR 115.13 or later for 'Extended Support Release' (ESR) users.

 
 

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
