Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

April 21, 2025

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

A sophisticated Advanced Persistent Threat (APT) operation named Larva-24005, linked to the notorious Kimsuky threat group, has been discovered actively exploiting critical vulnerabilities in Remote D …

Published Date:
Apr 21, 2025 (3 hours, 13 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2019-0708

CVE-2017-11882

Source: Read More

Previous ArticleCritical ASUS Router Vulnerability Let Attackers Malicious Code Remotely

Next Article Microsoft Urges TPM 2.0 for Windows 11 Upgrade as Win 10 Support Nears End

Highlights

CVE-2025-6838 – WordPress Broken Link Notifier CSV Injection Vulnerability

July 11, 2025

CVE ID : CVE-2025-6838

Published : July 11, 2025, 9:15 a.m. | 22 minutes ago

Description : The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it possible for authenticated attackers, with Contributor-level access and above, to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

CVE-2025-31256 – Apple Notes Cache Exposure Vulnerability

CVE-2025-36104 – IBM Storage Scale Information Disclosure

Essential Utilities: Reclaiming Disk Space (GUI Tools)

13 outstanding deals on tech you actually need — Batteries, chargers, cables, and more under $30 for Amazon Prime Day

CVE-2025-6838 – WordPress Broken Link Notifier CSV Injection Vulnerability

CVE-2025-53366 – Apache MCP Model Context Protocol Denial of Service

AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

CVE-2025-34127 – Achat UDP Stack-based Buffer Overflow

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

Related Posts