Hack Reports - Latest Cybersecurity News, Trends & Updates

Sign in Subscribe

Vulnerability Exploits

Hackers use Windows RID hijacking to create hidden admin account

Hackers use Windows RID hijacking to create hidden admin account

Windows RID Hijacking Vulnerabilities RID (Relative Identifier) Hijacking is a technique that involves modifying the Relative Identifier (RID) value of an account to gain elevated privileges or access to restricted resources. Here are some key points related to RID hijacking and related Windows security issues: RID Hijacking Technique RID hijacking

RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations

RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations

Latest News on LTE and 5G Security Vulnerabilities (2025) Discovery and Disclosure of Vulnerabilities A recent and significant development in the field of LTE and 5G security involves the disclosure of over 100 security vulnerabilities by a group of academics from two US universities. These vulnerabilities affect the implementations of

SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation - The Hacker News

SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation - The Hacker News

CVE-2025-23006: SonicWall Critical Vulnerability Overview CVE-2025-23006 is a critical vulnerability identified in SonicWall's SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC). Here are the key details and recommendations: Vulnerability Details * CVE ID: CVE-2025-23006 * CVSS Score: 9.8, indicating a critical severity level45. * Type of Vulnerability: Pre-authentication

Cisco warns of denial of service flaw with PoC exploit code

Cisco warns of denial of service flaw with PoC exploit code

Here are the details on the latest news regarding Cisco-related vulnerabilities and denial of service (DoS) issues from 2024: Cisco NX-OS Bootloader Vulnerability A significant vulnerability was identified in the bootloader of Cisco NX-OS Software, tracked as CVE-2024-20397. This vulnerability allows attackers to bypass image signature checks, which could potentially

Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

cnPilot Router Zero-Day Exploit and AIRASHI DDoS Botnet Overview Threat actors have been exploiting a zero-day vulnerability in Cambium Networks' cnPilot routers to deploy a variant of the AISURU botnet known as AIRASHI. This botnet is designed to carry out distributed denial-of-service (DDoS) attacks and has been active since

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

UEFI Secure Boot Vulnerability CVE-2024-7344: Detailed Analysis A recent discovery by ESET researchers has unveiled a significant vulnerability in UEFI-based systems, identified as CVE-2024-7344. This vulnerability allows attackers to bypass the UEFI Secure Boot mechanism, enabling the execution of untrusted code during system boot. Affected Systems and Software The vulnerability

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Latest News on NTLMv1 Vulnerability and Active Directory Misconfiguration NTLMv1 Vulnerability and Bypassing NTLMv1 Restrictions Recent research has highlighted a significant vulnerability related to NTLMv1 in Active Directory environments, which can be exploited despite Microsoft's efforts to block NTLMv1. Misconfigured On-Prem Applications Researchers have discovered that misconfigured on-premises