fp-6d

Critical Progress OpenEdge AdminServer Vulnerability CVE-2025-7388 Allows Remote Code Execution

Posted: September 09, 2025

Categories: vulnerability

Tags: fp-6e, fp-6d, fp-6c, fp-6b

Author: Npav Lab

A severe remote code execution vulnerability in Progress OpenEdge AdminServer’s Java RMI interface (CVE-2025-7388) lets attackers execute commands with elevated privileges. Update to LTS versions 12.2.18 or 12.8.9 immediately.

Odyssey macOS Stealer Spread via Fake Microsoft Teams Site Targets Cryptocurrency Wallets

Posted: September 08, 2025

Categories: Microsoft, Financial fraud, Fraud Protector

Tags: fp-6d, fp-6a, fp-4c, fp-4a

Author: Npav Lab

Cybercriminals use a fake Microsoft Teams download site to distribute the Odyssey macOS stealer, stealing credentials, crypto wallets, and sensitive data. Learn how to protect your Mac.

OneDrive Phishing Attack Targets Corporate Executives for Credential Theft

Posted: September 03, 2025

Categories: Cyber Attack, Data Breach, Phishing

Tags: fp-6d, fp-4b, fp-1b

Author: Npav Lab

A sophisticated OneDrive spearphishing campaign targets corporate executives with fake HR emails and Microsoft Office 365 login pages to steal credentials. Learn how to recognize and prevent this threat.

Cybersecurity Alert: 8 Malicious NPM Packages Target Windows Chrome Users

Posted: September 01, 2025

Categories: Google, Windows

Tags: fp-6d, fp-6a

Author: Npav Lab

Researchers found 8 malicious NPM packages targeting Windows Chrome users with obfuscated code to steal passwords, credit cards, and crypto wallets. Learn more.

Coordinated Scanning Campaign Targets Microsoft RDP Services: Over 30,000 IPs Involved

Posted: August 26, 2025

Categories: Microsoft

Tags: fp-6d, fp-6a, fp-1b

Author: Npav Lab

A large-scale scanning campaign is targeting Microsoft Remote Desktop Protocol (RDP) services, utilizing over 30,000 unique IP addresses. Learn about the attack's methodology and implications for credential-based attacks.

Copilot Vulnerability Exposes Audit Logs, Allowing Unauthorized Access to Sensitive Files

Posted: August 20, 2025

Categories: Data Breach, vulnerability

Tags: fp-6d, fp-1b

Author: Npav Lab

A critical vulnerability in Microsoft’s Copilot for M365 has allowed unauthorized access to sensitive files without leaving a trace in audit logs. Learn about the implications for organizations and the lack of transparency from Microsoft.

Lockbit Linux ESXi Ransomware: Evasion Techniques and File Encryption Process

Posted: August 19, 2025

Categories: Ransomware

Tags: fp-6e, fp-6d, fp-6c, fp-6b, fp-6a, fp-4a

Author: Npav Lab

Discover the advanced evasion techniques and encryption methods used by the Lockbit ransomware variant targeting Linux-based ESXi servers. Learn how it operates and the implications for cybersecurity.

Critical Cisco Secure Firewall Management Center Vulnerability (CVE-2025-20265) Allows Remote Code Execution

Posted: August 19, 2025

Categories: vulnerability, firewall

Tags: fp-6d, fp-6c, fp-6b, fp-6a

Author: Npav Lab

Cisco has addressed a critical vulnerability (CVE-2025-20265) in its Secure Firewall Management Center Software, allowing unauthenticated remote attackers to execute arbitrary shell commands. Learn more about the vulnerability and affected versions.

Critical WinRAR Path Traversal Vulnerability (CVE-2025-8088) Exploited: Security Patch Released

Posted: August 18, 2025

Categories: Security, vulnerability, WINRAR

Tags: fp-6d, fp-6a, fp-5a, fp-1b, fp-1a

Author: Npav Lab

Learn about the critical WinRAR vulnerability (CVE-2025-8088) that allows attackers to hijack extraction processes. Discover the importance of applying the security patch before September 2, 2025.

Microsoft Teams RCE Vulnerability: Critical Flaw Allows Message Manipulation

Posted: August 13, 2025

Categories: vulnerability, Microsoft

Tags: fp-6d, fp-4a, fp-1b

Author: Npav Lab

Microsoft has revealed a critical RCE vulnerability in Teams (CVE-2025-53783) that could let attackers read, write, and delete messages. Learn about the risks and fixes.