SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients

April 29, 2025

Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers.
“We first became aware of this threat cluster during a 2024 intrusion conducted against an organization previously providing hardware logistics services for SentinelOne employees,” security

Source: Read More

Previous ArticleMulti-Agentic Systems in Industry with XMPro & MongoDB Atlas

Next Article Closing the loop on agents with test-driven development

Highlights

CVE-2025-23173 – Versa Networks Versa Director Websockify Remote Code Execution Vulnerability

June 18, 2025

CVE ID : CVE-2025-23173

Published : June 19, 2025, 12:15 a.m. | 1 hour, 47 minutes ago

Description : The Versa Director SD-WAN orchestration platform provides direct web-based access to uCPE virtual machines through the Director GUI. By default, the websockify service is exposed on port 6080 and accessible from the internet. This exposure introduces significant risk, as websockify has known weaknesses that can be exploited, potentially leading to remote code execution.

Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.

Workarounds or Mitigation:

Restrict access to TCP port 6080 if uCPE console access is not necessary. Versa recommends that Director be upgraded to one of the remediated software versions.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

Understanding the code modernization conundrum

Onboarding your AI peer programmer: Setting up GitHub Copilot coding agent for success

Quality Over Speed: A Case for Perfectionism

UK Quantum computing is going universal through scaling

CodeSOD: What a CAD

The details of TC39’s last meeting

The details of TC39’s last meeting

Time-Controlled Data Processing with Laravel LazyCollection Methods

Create Apple Wallet Passes in Laravel

Ubuntu 25.10 Snapshot 3 is Available to Download

Ubuntu 25.10 Snapshot 3 is Available to Download

Proton’s New 2FA Authenticator App Supports Ubuntu

TUXEDO Computers Presenta l’Ultrabook InfinityBook Pro 15 Gen10

SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients

The details of TC39’s last meeting

CVE-2025-7847 – WordPress AI Engine Plugin Arbitrary File Upload Vulnerability

The Witcher 3: Wild Hunt reaches 60 million copies sold as work continues on The Witcher 4

Dissolving the line between design and engineering

How to Build a Production-Ready DevOps Pipeline with Free Tools

CVE-2025-54026 – QuanticaLabs GymBase Theme Classes SQL Injection

CVE-2025-23173 – Versa Networks Versa Director Websockify Remote Code Execution Vulnerability

Master Database Management Systems

IBM Cloud login breaks for second time this week and Big Blue isn’t saying why

The making of a product icon

SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients

Related Posts