Security - Page 3

Vulnerability in KIA Ecuador Keyless Entry Systems Poses Theft Risk for Thousands of Vehicles

Posted: June 16, 2025

Categories: Other, Security, vulnerability

Tags: vehicle security, rolling code systems, learning code technology, latin america vehicle security, kia ecuador vulnerability, keyless entry theft risk, cve-2025-6029, autorfkiller, automotive vulnerabilities

Author: Npav Lab

A significant security vulnerability (CVE-2025-6029) in KIA Ecuador's keyless entry systems exposes thousands of vehicles to theft. Learn about the risks, attack methods, and recommendations for consumers.

295 Malicious IPs Target Apache Tomcat Manager with Coordinated Brute-Force Attacks

Posted: June 12, 2025

Categories: Security, Malware Alerts, Cyber Attack, Data Breach

Tags: security vulnerabilities, security cameras, rtsp, malicious ips, http, greynoise, exposed services, digitalocean, cybersecurity, brute-force attacks, authentication measures, apache tomcat manager, access restrictions

Author: Npav Lab

GreyNoise warns of coordinated brute-force attacks on Apache Tomcat Manager interfaces, involving 295 malicious IPs. Learn about the risks and recommended security measures.

Security Breach Alert: Indian Government Warns of Vulnerabilities in MediaTek-Powered Devices

Posted: June 12, 2025

Categories: Security, Data Breach, vulnerability

Tags: wi-fi routers, tablets, smartphones, smart tvs, security patches, security breach alert, mediatek vulnerabilities, laptops, device security, denial-of-service, data theft, cve-2025-20673, cve-2025-20672, cert-in advisory

Author: Npav Lab

The Indian government has issued a high-severity alert regarding vulnerabilities in devices using MediaTek processors. Learn about affected devices, security risks, and recommended actions.

Adobe Releases Security Update Fixing 254 Vulnerabilities in AEM and Other Products

Posted: June 11, 2025

Categories: Security, Products, Updates, vulnerability

Tags: xss vulnerabilities, vulnerabilities, substance 3d sampler, software security, privilege escalation, magento open source, cve-2025-47110, cross-site scripting, code execution flaws, aem vulnerabilities, adobe security update, adobe incopy, adobe experience manager, adobe commerce

Author: Npav Lab

Adobe has issued a security update addressing 254 vulnerabilities, primarily affecting Adobe Experience Manager. Learn about the critical flaws and how to protect your software.

China-Linked Cyber Espionage Group Targets 70+ Organizations

Posted: June 10, 2025

Categories: Ransomware, Security, Malware Alerts, Cyber Attack, Data Backup, Data Breach, Spyware

Tags: unc5174, purplehaze, cyber espionage group, china cyber espionage, apt15

Author: Npav Lab

Discover how a China-linked cyber espionage group, including APT15 and UNC5174, targeted over 70 organizations across government, media, and other sectors. Learn about the malware used, including ShadowPad and GoReShell, and the exploited vulnerabilities.

Wazuh Server Vulnerability Exploited by Two Distinct Botnets for Mirai-Based DDoS Attacks

Posted: June 10, 2025

Categories: Security, Cyber Attack, Botnet, vulnerability, DDoS

Tags: wazuh server vulnerability, remote code execution vulnerabilities, mirai botnet attacks, iot security vulnerabilities, ddos attacks, cybersecurity threats, cve-2025-24016, botnet exploitation

Author: Npav Lab

Discover how two separate botnets exploit the critical Wazuh Server vulnerability (CVE-2025-24016) to launch Mirai-based DDoS attacks, targeting IoT devices and highlighting the urgency of cybersecurity measures.

OpenAI Bans ChatGPT Accounts Linked to Russian, Iranian, and Chinese Hacker Groups: A Deep Dive into Cyber Threats

Posted: June 09, 2025

Categories: Security, Cyber Attack, Securty Tips, Hacking, Hacker, Trojan

Tags: social media manipulation, openai, north korean cyber threats, malware development, hacker groups, cybersecurity, cyber threat intelligence, chatgpt, apt5, apt15

Author: Npav Lab

Discover how OpenAI has banned ChatGPT accounts associated with Russian, Iranian, and Chinese hacker groups. Learn about the malicious activities, including malware development and social media manipulation, and explore the implications for cybersecurity.

New Supply Chain Malware Campaign Targets npm and PyPI Ecosystems, Affecting Millions

Posted: June 08, 2025

Categories: Ransomware, Security, Malware Alerts, Spyware

Tags: supply chain malware, software supply chain attacks, remote access trojan, pypi vulnerabilities, package security, npm security, malware distribution, data protection, cybersecurity threats, credential harvesting

Author: Npav Lab

Cybersecurity experts reveal a significant supply chain attack affecting npm and PyPI ecosystems, compromising numerous packages and exposing millions of users to malware. Learn about the affected packages and how to protect yourself.

Security Risks in Popular Chrome Extensions: API Key Leaks and Unencrypted Data Transmission

Posted: June 06, 2025

Categories: Security, Cyber Attack, Data Breach

Tags: web security, user privacy, unencrypted data, security vulnerabilities, privacy breaches, password manager security, online security, https, data protection, cybersecurity, chrome extensions, api key leaks, aitm attacks

Author: Npav Lab

Discover significant security vulnerabilities in popular Chrome extensions that expose sensitive user data through unencrypted transmission and hardcoded credentials. Learn how to protect yourself from potential privacy breaches

Cartier Suffers Data Breach as Cyberattacks Target Global Fashion Brands

Posted: June 03, 2025

Categories: Security, Data Breach

Tags: luxury brands, cyberattack

Author: Npav Lab

Luxury under threat: Cartier, the prestigious fashion house, has revealed a data breach following a cyberattack that compromised personal customer data. The breach is part of a broader wave of cyber threats hitting global fashion brands, raising concerns about how high-end retail is being exploited for customer data.