SonicWall Patches Unauthenticated DoS Flaw (CVE-2024-40764) in SonicOS IPSec VPN
SonicWall, a leading cybersecurity provider, has issued a security patch to address a heap-based buffer overflow vulnerability in its SonicOS operating system. This vulnerability, identified as...
Cyber Espionage Alert: APT41 Strikes Global Industries, Steals Sensitive Data
Mandiant, in collaboration with Google’s Threat Analysis Group (TAG), has uncovered a widespread cyber espionage campaign orchestrated by the notorious advanced persistent threat (APT) group known as...
CVE-2024-22442 (CVSS 9.8): HPE Patches Critical 3PAR Service Processor Flaw
Hewlett Packard Enterprise (HPE) has released a security update to address a critical vulnerability (CVE-2024-22442) in its 3PAR Service Processor software. This flaw could allow remote attackers to...
China-Linked GhostEmperor Resurfaces: Enhanced Demodex Rootkit Targets...
The notorious threat group GhostEmperor has resurfaced with an updated version of its sophisticated Demodex rootkit, according to a new report from Sygnia’s Incident Response team. Sygnia’s in-depth...
Oracle WebLogic Users Urged to Patch Critical Vulnerability (CVE-2024-21181,...
Oracle has issued a warning to users of its WebLogic Server, urging them to immediately patch a critical vulnerability (CVE-2024-21181) that could lead to a complete takeover of the server. The...
Urgent Security Advisory: Mitel Exposed Critical Vulnerability in Unify...
Mitel, a global leader in business communications, has issued an urgent security advisory regarding a critical vulnerability discovered in its Unify OpenScape 4000 communication system and related...
CrowdStrike Falcon Sensor Crash Triggers Global IT Outage, Emergency...
A critical crash error in CrowdStrike’s Falcon Sensor platform has caused widespread IT disruptions across the globe, affecting critical services like 911 call centers, airlines, banks, and major media...
Broadcom Urges Immediate Patching for Critical Symantec PAM Vulnerabilities
Broadcom, the cybersecurity giant behind Symantec Privileged Access Manager (PAM), has issued a critical security advisory, urging users to apply the latest cumulative hotfix (4.1.7.50) to protect...
Cisco Warns of Unpatched Vulnerability (CVE-2024-20416) in RV340 and RV345...
Cisco has issued a security advisory warning users of a vulnerability in their RV340 and RV345 Dual WAN Gigabit VPN routers. The vulnerability, identified as CVE-2024-20416, could allow an...
NHS England Issues Cyber Alert for Exploited CVE-2023-6548 Vulnerability in...
The NHS England National Cyber Security Operations Centre (CSOC) has issued a cyber alert following new intelligence from CrowdStrike regarding the CVE-2023-6548 vulnerability in Citrix’s NetScaler...
CrowdStrike Reveals Technical Details of Update Causing Windows Systems Crash
A recent update to CrowdStrike’s Falcon endpoint security software has resulted in widespread system crashes for Windows users across the globe. The incident, which occurred on July 19, 2024, was...
Google URL Shortener Ends Support: What You Need to Know Before August 2025
Google has officially announced the termination of its URL-shortening service, goo.gl. The generation of new links ceased in March 2019, and as of August 25, 2025, all existing goo.gl links will stop...
Cybercriminals Exploit Swap Files: New E-commerce Skimming Tactic
Security analysts at Sucuri have uncovered a novel attack technique targeting e-commerce websites, where cybercriminals abuse swap files to maintain persistent credit card skimmers. The incident...
AWS Security Update: CVE-2024-30164 and CVE-2024-30165 Flaws Found in Client VPN
Amazon Web Services (AWS) has issued a security bulletin regarding two vulnerabilities discovered in its Client VPN service. These flaws, identified as CVE-2024-30164 and CVE-2024-30165, could...
Fake Browser Updates Lead to Malicious BOINC Installations
Huntress, a prominent cybersecurity firm, has recently uncovered a new wave of malicious activities involving the well-known SocGholish or FakeUpdates malware. The attackers have recently been observed...
Widespread Outage: CrowdStrike Update Affects 8.5 Million Windows Users
Issues with the software update from CrowdStrike Holdings Inc. impacted 8.5 million devices worldwide running the Microsoft Windows operating system. Representatives from Microsoft Corp. clarified that...
BlackSuit’s Advanced Ransomware Tactics Exposed: Masquerades as Antivirus
In a recent series of events that disrupted major operations, the KADOKAWA Corporation experienced service outages that extended to multiple websites. What initially appeared to be a technical glitch...
CVE-2024-41107: Apache CloudStack Vulnerability Exposes User Accounts to...
The Apache Software Foundation has issued a security advisory regarding a critical vulnerability (CVE-2024-41107) in its open-source cloud computing platform, Apache CloudStack. This flaw affects the...
CVE-2024-40628 & CVE-2024-40629: Two Maximum Severity Flaws in JumpServer
JumpServer, a widely used open-source privileged access management (PAM) tool, has disclosed two critical vulnerabilities that could allow attackers to gain unauthorized access to sensitive systems and...
Cybercriminals Seize Chaos Amidst CrowdStrike Outage, Deploying Deceptive...
In the wake of a widespread system outage triggered by a faulty CrowdStrike update, cybercriminals have wasted no time exploiting the chaos. Within 24 hours of the incident, which affected millions of...