Hackers have continued the search for opportunities to take advantage of the infamous CVE -2025-48927 vulnerability. According For a new report by Threat Intelligence Company Greynoise.
The tag of Greynoise, which attempts to take advantage of vulnerability, has detected 11 IP addresses who have attempted exploitation since April.
Other IP addresses can perform reconnaissance: A total of 2,009 IP has discovered for the spring boot actuator and options in the last 90 days, and 1,582 IP has specially targeted. /Health Endpoints, which usually detect the spring boot actuator purinogen.
The defect allows hackers to extract data from the weak system. The issue “Spring boot actuator stems from the constant use of the platform of confirming a heritage in the Spring Boot Actuter, where a clinical /Heapdump The endpoint is publicly accessible without certification, ”the research team told cointelegraph.
https://www.youtube.com/watch?v=T06MVWZ6NGM
The teleemesage signal is similar to the app, but allows for the collection of chats for compliance purposes. Located in Israel, the company was Acquired In 2024, by the US company Smarash, after temporarily suspended services after the security violation in May, the files were stolen from the app resulting in the resulting app.
“Telemage has stated that vulnerability has been patches at her end,” said Hoddy Fisher, a member of the Granois team. “However, patch timelines may vary depending on different factors.”
Although the security weaknesses in the apps are more common than desired, telemesage can be important for its users: government organization and enterprise. App can be users of the app include Former US government official Like Mike Waltz, US Customs and Border Protection and Crypto Exchange Coinbase.
GRIYNOISE advises users to block malicious IPS and disable or ban access /Heapdump Closing point. In addition, it may be helpful to limit the contact with the actuator andpoint, it has been said.
Connected: Danger actor using ‘Detailed Social Engineering Scheme’ to target Crypto users – Report
Crypto theft is increasing in 2025; Credentials on Darknet go for thousands
The latest crime report of Channelis notes that more than $ 2.17 billion has been stolen so far in 2025, a speed will take crypto-related theft to new heights. Last month notable security attacks include high-profile events such as physical “wrench attacks” on bitcoin holders and February hack of Crypto Exchange Bibit.
Efforts to steal credentials often include fishing attacks, malicious malware and social engineering.
magazine: Coinbase hack shows that the law will probably not protect you – why is it here
