Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan

May 1, 2025

Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access.
The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC).
“In some systems, initial access was gained through

Source: Read More

Previous ArticleLotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware

Next Article CVE-2025-2816 – WordPress Page View Count Unauthorized Data Modification Vulnerability

Highlights

CVE-2025-30743 – Oracle Lease and Finance Management HTTP Internal Operations Unauthorized Access and Data Manipulation

July 16, 2025

CVE ID : CVE-2025-30743

Published : July 15, 2025, 8:15 p.m. | 6 hours, 44 minutes ago

Description : Vulnerability in the Oracle Lease and Finance Management product of Oracle E-Business Suite (component: Internal Operations). The supported version that is affected is 12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Lease and Finance Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Lease and Finance Management accessible data as well as unauthorized access to critical data or complete access to all Oracle Lease and Finance Management accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

DistroWatch Weekly, Issue 1139

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan

Repurposing Protein Folding Models for Generation with Latent Diffusion

Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

Best Free and Open Source Alternatives to Progress Kemp LoadMaster

Amazon SageMaker HyperPod launches model deployments to accelerate the generative AI model development lifecycle

CVE-2025-8798 – Samarium Unrestricted File Upload Vulnerability

Researchers from Fudan University Introduce Lorsa: A Sparse Attention Mechanism That Recovers Atomic Attention Units Hidden in Transformer Superposition

CVE-2025-30743 – Oracle Lease and Finance Management HTTP Internal Operations Unauthorized Access and Data Manipulation

4 Fun Free and Open Source Meme Generation Tools

I tested Sony’s WH-1000XM6 headphones, and I’m seriously considering ditching my Bose

CVE-2025-49862 – Motov.net Ebook Store Cross-Site Scripting

Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan

Related Posts