DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

April 26, 2025

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

A newly published report by Yuma Masubuchi from the JPCERT Coordination Center (JPCERT/CC) has uncovered the deployment of a stealthy remote access trojan dubbed DslogdRAT, which was installed on comp …

Published Date:
Apr 26, 2025 (2 hours, 8 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-0282

CVE-2024-21762

CVE-2022-47945

Source: Read More

Previous ArticleConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect

Next Article NVIDIA Releases Security Update to Address GPU Driver Vulnerabilities

Highlights

CVE-2025-32960 – CUBA REST API Cross-Site Scripting (XSS)

April 22, 2025

CVE ID : CVE-2025-32960

Published : April 22, 2025, 6:16 p.m. | 31 minutes ago

Description : The CUBA REST API add-on performs operations on data and entities. Prior to version 7.2.7, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends with .html. This could allow malicious JavaScript code to be executed in the browser. For a successful attack, a malicious file needs to be uploaded beforehand. This issue has been patched in version 7.2.7. A workaround is provided on the Jmix documentation website.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Turning User Research Into Real Organizational Change

June 2025: All AI updates from the past month

Building a culture that will drive platform engineering success

Gartner: More than 40% of agentic AI projects will be canceled in the next few years

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

This gimbal-tracking webcam has TWO cameras and a great price — but it may not be “private” enough

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

“Using AI is no longer optional” — Did Microsoft just make Copilot mandatory for its staff as a critical performance metric?

June report 2025

June report 2025

Make your JS functions smarter and cleaner with default parameters

Best Home Interiors in Hyderabad – Top Designers & Affordable Packages

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

This gimbal-tracking webcam has TWO cameras and a great price — but it may not be “private” enough

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

CVE-2025-6554 Actively Exploited Google Chrome Zeroday

CVE-2025-4807 – SourceCodester Online Student Clearance System Directory Traversal Information Disclosure

Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks

CVE-2025-52995 – File Browser Privilege Escalation Vulnerability

Edit: L’editor di testo a riga di comando di Microsoft anche per GNU/Linux

CVE-2025-32960 – CUBA REST API Cross-Site Scripting (XSS)

Defining a Dedicated Query Builder in Laravel 12 With PHP Attributes

CVE-2025-4067 – ScriptAndTools Online-Travling-System Remote File Inclusion Vulnerability

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

Related Posts