CyberSecurity news

FlagThis - #azure

info@thehackernews.com (The Hacker News)@The Hacker News - 82d

Visual Studio Code Tunnels Abused in Cyber Espionage Campaign


Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • gbhackers.com: Visual Studio Tunnels Abused For Stealthy Remote Access
  • BleepingComputer: Chinese hackers targeting large IT service providers in Southern Europe were seen abusing Visual Studio Code (VSCode) tunnels to maintain persistent access to compromised systems.
  • The Hacker News: Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage
  • www.sentinelone.com: SentinelOne reports on Operation Digital Eye, detailing the sophisticated techniques used by Chinese APT actors.
  • securityaffairs.com: Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on Europen entities
  • Virus Bulletin: Aleksandar Milenkoski (SentinelLabs) & Luigi Martire (Tinexta Cyber) look into ‘Operation Digital Eye’, an activity cluster from a suspected China-nexus threat actor targeting large business-to-business IT service providers in Southern Europe.
  • Security Risk Advisors: SentinelOne report on Operation Digital Eye Chinese APT
  • www.bleepingcomputer.com: Chinese hackers use Visual Studio Code tunnels for remote access.
Classification:
  • HashTags: #CyberEspionage #Azure
  • Target: Business-to-business IT service providers
  • Attacker: Chinese state-backed hackers
  • Product: Visual Studio Code
  • Feature: Visual Studio Code Tunnels
  • Type: Espionage
  • Severity: Major
Zeljka Zorz@Help Net Security - 73d

Phishing Attack Compromises Azure Accounts


Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • BleepingComputer: A phishing campaign targeting automotive, chemical, and industrial manufacturing companies in Germany and the UK is abusing HubSpot to steal Microsoft Azure account credentials.
  • The Hacker News: HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft
  • CyberInsider: Threat Actors Exploit HubSpot to Harvest Microsoft Azure Credentials
  • Virus Bulletin: Palo Alto Unit 42 researchers investigate a phishing campaign targeting European companies. The campaign aimed to harvest account credentials and take over the victim’s Microsoft Azure cloud infrastructure.
  • techacademy.online: HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft
  • Dataconomy: A phishing campaign targeting manufacturing companies in Europe has compromised around 20,000 Microsoft Azure accounts using HubSpot and DocuSign.
  • Techzine Global: Hackers, through a phishing campaign using malicious DocuSign files, are attempting to target long-term presence mainly in Azure cloud environments of European companies.
Classification:
@securityonline.info - 43d

Veeam Azure Backup SSRF Vulnerability Patched

Veeam has released a patch to address a high-risk Server-Side Request Forgery (SSRF) vulnerability in its Backup for Microsoft Azure product. This flaw, identified as CVE-2025-23082, allows attackers to send unauthorized requests from the system, potentially leading to network enumeration and other malicious activities. The vulnerability has been assigned a CVSS score of 7.2, indicating a high level of severity. The issue affects all versions of Veeam Backup for Microsoft Azure up to and including version 7.1.0.22.

The SSRF vulnerability was discovered during internal testing and highlights the risks associated with cloud-based backup solutions. An attacker could exploit this flaw to make the server perform unintended actions, gathering information about the internal network or even launching further attacks. Users are strongly advised to upgrade to version 7.1.0.59 or later, where the vulnerability has been addressed, to mitigate the potential risk of exploitation. This incident underscores the critical importance of consistent patch management and proactive security measures.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • gbhackers.com: GBHackers reports Veeam Azure Backup SSRF vulnerability.
  • securityonline.info: SecurityOnline covers Veeam releasing a patch for High-Risk SSRF Vulnerability.
  • www.veeam.com: Veeam security advisory on CVE-2025-23082
  • gbhackers.com: Veeam Azure Backup Vulnerability Allows Attackers to Utilize SSRF & Send Unauthorized Requests /vulnerability
  • securityonline.info: Veeam Releases Patch for High-Risk SSRF Vulnerability CVE-2025-23082 in Azure Backup Solution
Classification:
  • HashTags: #Veeam #Azure #SSRF
  • Company: Veeam
  • Target: Veeam Azure Backup users
  • Product: Veeam Azure Backup
  • Feature: SSRF
  • Type: Vulnerability
  • Severity: Major

Blogs

Research Tools