Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

April 21, 2025

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

A sophisticated Advanced Persistent Threat (APT) operation named Larva-24005, linked to the notorious Kimsuky threat group, has been discovered actively exploiting critical vulnerabilities in Remote D …

Published Date:
Apr 21, 2025 (3 hours, 13 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2019-0708

CVE-2017-11882

Source: Read More

Previous ArticleCritical ASUS Router Vulnerability Let Attackers Malicious Code Remotely

Next Article Microsoft Urges TPM 2.0 for Windows 11 Upgrade as Win 10 Support Nears End

Highlights

CVE-2025-4774 – Elementor Premium Addons Stored Cross-Site Scripting Vulnerability

June 10, 2025

CVE ID : CVE-2025-4774

Published : June 10, 2025, 12:15 p.m. | 1 hour, 32 minutes ago

Description : The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

DistroWatch Weekly, Issue 1131

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

WhatsApp for Windows 11 is switching back to Chromium web wrapper from UWP/native

DistroWatch Weekly, Issue 1131

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

M-Trends 2025: Data, Insights, and Recommendations From the Frontlines

CVE-2025-50348 – PHPGurukul Pre-School Enrollment System Project Directory Traversal Vulnerability

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITYSYSTEM

CVE-2025-4774 – Elementor Premium Addons Stored Cross-Site Scripting Vulnerability

CVE-2025-4120 – Netgear JWNR2000 Remote Buffer Overflow Vulnerability

BlueBubbles is a cross-platform app ecosystem

Warhammer 40K’s best alternative CRPG to Baldur’s Gate 3 is 69% off on PC — just in time for its “Lex Imperialis” DLC

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks

Related Posts