China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions

April 1, 2025

Cybersecurity researchers have shed light on a new China-linked threat actor called Earth Alux that has targeted various key sectors such as government, technology, logistics, manufacturing, telecommunications, IT services, and retail in the Asia-Pacific (APAC) and Latin American (LATAM) regions.
“The first sighting of its activity was in the second quarter of 2023; back then, it was

Source: Read More

Previous ArticleNearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign

Next Article New Case Study: Global Retailer Overshares CSRF Tokens with Facebook

Highlights

CVE-2025-4079 – PCMan FTP Server Buffer Overflow Vulnerability

April 29, 2025

CVE ID : CVE-2025-4079

Published : April 29, 2025, 7:15 p.m. | 3 hours, 52 minutes ago

Description : A vulnerability, which was classified as critical, was found in PCMan FTP Server up to 2.0.7. Affected is an unknown function of the component RENAME Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

The impact of gray work on software development

CSS Intelligence: Speculating On The Future Of A Smarter Language

Hallucinated code, real threat: How slopsquatting targets AI-assisted development

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Microsoft is closing down Xbox studio The Initiative, with Perfect Dark killed as well — joining Everwild and ZeniMax’s new IP, and other unannounced projects

No, Microsoft and Xbox’s Phil Spencer isn’t stepping down any time soon — here’s the truth

Everwild’s cancellation has me worried for one of my favorite dev teams and Xbox itself — It needs creative new games to thrive and refresh its identity

Trust but Verify: The Curious Case of AI Hallucinations

Trust but Verify: The Curious Case of AI Hallucinations

From Flow to Fabric: Connecting Power Automate to Microsoft Fabric

Flutter Web Hot Reload Has Landed – No More Refreshes!

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Microsoft is closing down Xbox studio The Initiative, with Perfect Dark killed as well — joining Everwild and ZeniMax’s new IP, and other unannounced projects

No, Microsoft and Xbox’s Phil Spencer isn’t stepping down any time soon — here’s the truth

China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions

Cisco waarschuwt voor kritiek lek door hardcoded SSH-wachtwoord

CISA Warns of Chrome 0-Day Vulnerability Exploited in Attacks

Citrix Bleed 2 flaw now believed to be exploited in attacks

CVE-2025-48872 – Apache DoS

Today’s LLMs craft exploits from patches at lightning speed

CVE-2024-12706 – OpenText Digital Asset Management SQL Injection

CVE-2025-4079 – PCMan FTP Server Buffer Overflow Vulnerability

CVE-2025-26691 – OpenHarmony Information Leak

CVE-2024-52290 – LF Edge eKuiper Cross-Site Scripting (XSS)

OChess – chess game analysis software

China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions

Related Posts