Cado Security Labs has uncovered a sophisticated cryptomining scheme that exploits misconfigured Jupyter Notebooks, used by data scientists, on both Windows and Linux systems. The attack involves several stages, encrypted payloads and manipulation of COM objects to ultimately deploy miners for a variety of cryptocurrencies. The attack is a prime example of how threat actors are evolving their methods to maximise profits from vulnerable cloud infrastructure. This can lead to reduced system performance, heightened operational costs, and increased security risks for impacted organisations.
IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
A security assessment by Shelltrail revealed three critical vulnerabilities in the IXON VPN client, allowing privilege escalation on Windows and Linux. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02,
%20CISO%E2%80%99s%20Core%20Focus.webp?w=0&resize=0,0&ssl=1 "Identity and Access Management (IAM)")