Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs

June 5, 2025

Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs

Federal authorities have revealed that the notorious Play ransomware group has successfully breached approximately 900 organizations worldwide as of May 2025, marking a dramatic escalation in cybercri …

Published Date:
Jun 05, 2025 (1 hour, 22 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2024-57727

Source: Read More

Previous ArticleVulnerability in 2ClickPortal software

Next Article IT threat evolution in Q1 2025. Non-mobile statistics

Highlights

CVE-2025-32950 – Jmix File Path Traversal Vulnerability

April 22, 2025

CVE ID : CVE-2025-32950

Published : April 22, 2025, 6:15 p.m. | 31 minutes ago

Description : Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, attackers could manipulate the FileRef parameter to access files on the system where the Jmix application is deployed, provided the application server has the necessary permissions. This can be accomplished either by modifying the FileRef directly in the database or by supplying a harmful value in the fileRef parameter of the `/files` endpoint of the generic REST API. This issue has been patched in versions 1.6.2 and 2.4.0. A workaround is provided on the Jmix documentation website.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

I finally gave NotebookLM my full attention – and it really is a total game changer

Google Chrome for iOS now lets you switch between personal and work accounts

How the Trump administration changed AI: A timeline

Download your photos before AT&T shuts down its cloud storage service permanently

Laravel Live Denmark

Laravel Live Denmark

The July 2025 Laravel Worldwide Meetup is Today

Livewire Security Vulnerability

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Halo and Half-Life combine in wild new mod, bringing two of my favorite games together in one — here’s how to play, and how it works

Surprise! The iconic Roblox ‘oof’ sound is back — the beloved meme makes “a comeback so good it hurts” after three years of licensing issues

Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs

Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

CVE-2025-48382 – Apache Fess Temporary File Information Disclosure Vulnerability

CVE-2025-4219 – WordPress DPEPress Stored Cross-Site Scripting

Crypto Wallet App Development: Features, Cost, and Tech Stack Explained

CVE-2025-36049 – IBM webMethods Integration Server XML External Entity Injection (XXE) Vulnerability

CVE-2025-32950 – Jmix File Path Traversal Vulnerability

$17 Million Black Market Empire Crushed in Cybercrime Sting

CVE-2025-43855 – Apache tRPC WebSocket Server Crash Vulnerability (Denial of Service)

Microsoft Edge may be getting a redesigned New Tab Page powered by Copilot

Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs

Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs

Related Posts