CoinMiner Attacks Exploiting GeoServer Vulnerability

AhnLab SEcurity intelligence Center (ASEC) has confirmed that unpatched GeoServer instances are still under continuous attack. Threat actors are scanning for vulnerable GeoServer instances and installing CoinMiner. ASEC has also identified cases of infection in South Korea.
1. GeoServer Remote Code Execution Vulnerability (CVE-2024-36401)
GeoServer is an open-source Geographic Information

June 2025 Trends Report on Phishing Emails

This report provides the distribution quantity, statistics, trends, and case information on phishing emails and email threats collected and analyzed for one month in June 2025. The following are some statistics and cases included in the original report.
1) Statistics on Attachment Threats in June 2025
In June 2025, the

Statistics Report on Malware Targeting Windows Database Servers in Q2 2025

Overview: The AhnLab SEcurity intelligence Center (ASEC) analysis team uses the AhnLab Smart Defense (ASD) infrastructure to categorize and respond to attacks targeting Windows-based MS-SQL and MySQL servers. This report will cover the current state of damage to MS-SQL and MySQL servers that became attack targets based on the logs

Statistical Report on Malware Targeting Windows Web Servers in Q2 2025

Overview: AhnLab SEcurity intelligence Center (ASEC) is using the AhnLab Smart Defense (ASD) infrastructure to respond to and categorize attacks against poorly managed Windows web servers. This report covers the current state of damage to Windows web servers which had become the target of attacks based on the logs identified

Statistical Report on Malware Targeting Linux SSH Servers in Q2 2025

Overview: AhnLab SEcurity intelligence Center (ASEC) conducts response and classification of brute force or dictionary attacks targeting poorly managed Linux SSH servers using honeypots. This report will cover the status of attack sources identified in the second quarter of 2025 based on logs, as well as statistics on attacks performed

July 07, 2025


Apple Product Security Update Advisory (CVE-2025-43200)

Overview: We have released a security update to address a vulnerability in Apple products. Users of affected products are advised to update to the latest version.
Affected Products: CVE-2025-43200
iOS Version: 15.8.4 and earlier
iOS Version: 16.7.11 and earlier
iOS version: below 18.3.1
iPadOS version: 15.8.4 or earlier
iPadOS

Vercel Product Security Update Advisory (CVE-2025-49826)

Overview: We have released a security update to address a vulnerability in Vercel products. Users of affected products are advised to update to the latest version.
Affected Products: CVE-2025-49826
Next.js Versions: 15.0.4 and above and below 15.2.0
Resolved Vulnerabilities: Denial of service vulnerability