Critical Cisco SLU Vulnerabilities CVE-2024-20439 and CVE-2024-20440 Threaten...
Cisco has issued a security advisory warning organizations of multiple vulnerabilities in its Smart Licensing Utility (SLU) that could allow remote attackers to access sensitive information or gain...
View ArticleVeeam Backup & Replication Faces RCE Flaw– CVE-2024-40711 (CVSS 9.8) Allows...
A series of critical vulnerabilities have been uncovered in Veeam Backup & Replication, potentially exposing organizations to unauthorized access, remote code execution, and data breaches. The most...
View ArticleCVE-2024-20017 (CVSS 9.8): Zero-Click Exploit Discovered in Popular Wi-Fi...
Security researcher Hyprdude has published detailed information and a proof-of-concept (PoC) exploit for a critical vulnerability identified as CVE-2024-20017. With a CVSS score of 9.8, this...
View ArticleWeb3’s Billion-Dollar Bleeding: Cybercrime in DeFi
The rapid growth of Web3 and decentralized finance (DeFi) has transformed the financial landscape, offering unparalleled opportunities for innovation. However, it has also opened the floodgates for...
View ArticleCyberVolk Ransomware: A New and Evolving Threat to Global Cybersecurity
A relatively new player in the cybercrime world, the Indian hacker group CyberVolk, has been making waves with its sophisticated ransomware. CyberVolk Ransomware, first detected in July 2024, has...
View ArticleCVE-2024-38650 & CVE-2024-39714 (CVSS 9.9): Critical Flaws in Veeam Console...
A series of critical vulnerabilities have been discovered in Veeam Service Provider Console, a widely-used platform for managing data protection services in cloud and virtual environments. These...
View ArticleCVE-2024-44000 (CVSS 9.8): Litespeed Cache flaw exposes millions of WordPress...
A significant security vulnerability has been uncovered in the popular LiteSpeed Cache plugin for WordPress, which boasts over 5 million active installations. The vulnerability, discovered by Rafie...
View ArticleMicrochip Technology Confirms Data Breach in August Cyberattack
Microchip Technology, a leading American semiconductor supplier, has confirmed a significant data breach following a cyberattack in August 2024. The attack, which disrupted the company’s operations and...
View ArticleMuddyWater’s Sneaky New Tactic: Hijacking RMM Software for Espionage
Security researchers from the 360 Advanced Threat Research Institute have recently uncovered that the Iranian hacking group MuddyWater is actively leveraging legitimate remote monitoring and management...
View ArticleCVE-2024-7591 (CVSS 10): Critical Vulnerability Discovered in Progress...
Progress Software Corporation has issued a security advisory for a critical vulnerability (CVE-2024-7591) affecting its LoadMaster application delivery controller (ADC) and load balancer solution. The...
View ArticleCVE-2024-26581 PoC Exploit Released: Linux Systems at Risk of Root Compromise
The security researchers have publicly disclosed technical details and proof-of-concept (PoC) exploit code for a CVE-2024-26581 (CVSS 7.8) vulnerability within the Linux kernel. The flaw poses a...
View ArticleSonicWall Confirms Critical CVE-2024-40766 Vulnerability Actively Exploited...
On September 5, 2024, SonicWall updated its security advisory with an urgent warning: CVE-2024-40766, a critical access control vulnerability within SonicOS, is being actively exploited by...
View ArticleU.S. Offers $10 Million Reward for Information on GRU Hackers Targeting...
The U.S. State Department’s Rewards for Justice program has announced a reward of up to $10 million for information leading to the identification or location of five Russian military intelligence......
View ArticleTropic Trooper Expands Espionage to Middle East, Targets Human Rights...
The cyber espionage group Tropic Trooper, also known as KeyBoy and Pirate Panda, has been observed shifting its focus to the Middle East, according to a recent report by Kaspersky... The post Tropic...
View ArticleNetflix Phishing Scam: Even the Savviest Streamers Can Fall Victim
AhnLab Security Intelligence Center (ASEC) has uncovered a new phishing campaign targeting Netflix users, where cybercriminals are impersonating the popular streaming service to steal sensitive...
View ArticleThe Supercar Phishing Kit: A Luxurious Trap for Your Microsoft 365 Credentials
In August 2024, Fortgale’s cybersecurity researchers uncovered a phishing campaign targeting Microsoft 365 users. This discovery, dubbed the “Supercar Phishing Kit,” has introduced a new level of...
View ArticleBabylon RAT Unleashed: Malaysian Politicians Under Cyber Siege
A recent investigation by Cyble Research and Intelligence Lab (CRIL) has uncovered a sophisticated cyber espionage campaign targeting high-profile political figures and government officials in...
View ArticleRed Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw...
Red Hat has issued a critical security advisory warning of an authentication bypass vulnerability (CVE-2024-7923) in Pulpcore, a content management system used in Red Hat Satellite deployments. The...
View ArticleThreat Actors Exploit GeoServer Vulnerability CVE-2024-36401 to Launch...
Cybersecurity researchers at FortiGuard Labs have observed multiple campaigns targeting a critical vulnerability in GeoServer, an open-source geospatial data server. Identified as CVE-2024-36401, this...
View ArticleCVE-2024-45076 (CVSS 9.9): Critical Flaw in IBM webMethods Integration Demand...
IBM has issued a critical security advisory for its webMethods Integration Server, revealing multiple vulnerabilities that could allow authenticated users to execute arbitrary commands, escalate...
View Article