CVE-2024-9014 (CVSS 9.9): pgAdmin’s Critical Vulnerability Puts User Data at...
pgAdmin, the leading open-source management tool for PostgreSQL databases, has released an urgent security update to address a critical vulnerability affecting versions 8.11 and earlier. This flaw,...
YOLO AI Achieves 100% Success Rate in Bypassing reCAPTCHA v2
A team of researchers from ETH Zurich, led by Andreas Plesner, has demonstrated the vulnerability of Google’s reCAPTCHA v2 to sophisticated AI models. Their AI model, YOLO (You Only Look...
Mallox Expands Arsenal: Targets Linux with Modified Kryptina Ransomware
SentinelLabs has discovered that a group associated with the Mallox (TargetCompany) campaign is utilizing a newly modified version of the Kryptina ransomware to target Linux systems. Previously focused...
Proxmox Virtual Environment and Mail Gateway Exposed to Critical API...
A critical vulnerability has been identified in Proxmox Virtual Environment (VE) and Proxmox Mail Gateway (PMG) that could allow unauthorized access to sensitive files and potentially lead to a full...
New Malware Campaign Mines Crypto in Docker & Kubernetes
Datadog Security Research has uncovered a new and widespread malware campaign targeting Docker and Kubernetes environments, where threat actors exploit vulnerabilities in container orchestration...
GitLab backports fix for CVE-2024-45409 to older versions
In a crucial security release, GitLab has addressed a severe vulnerability (CVE-2024-45409) in its Community Edition (CE) and Enterprise Edition (EE) platforms, impacting all self-managed...
Critical Flaw in RAISECOM Gateways Actively Exploited, Exposing Thousands to...
A newly discovered and actively exploited vulnerability in RAISECOM Gateway devices poses a significant threat to enterprise security. The flaw, tracked as CVE-2024-7120 with a critical CVSS score of...
New RomCom Variant “SnipBot” Unveiled: A Sophisticated Malware Targeting...
Unit 42 has revealed a new variant of the notorious RomCom malware family, known as “SnipBot.” This sophisticated malware, first discovered in early 2024, is designed to infiltrate enterprise...
CVSS 9.8 Vulnerabilities Expose Aruba Access Points to RCE: HPE Urges...
The Hewlett Packard Enterprise (HPE) Product Security Response Team has issued a critical advisory concerning multiple command injection vulnerabilities (CVE-2024-42505, CVE-2024-42506, CVE-2024-42507)...
TeamViewer Urges Users to Patch Privilege Escalation Flaws (CVE-2024-7479 and...
In a recently disclosed security bulletin, TeamViewer has highlighted two critical vulnerabilities impacting its Remote Client and Remote Host products for Windows. CVE-2024-7479 and CVE-2024-7481—both...
FlashArray, FlashBlade at Risk: Pure Storage Reveals CVSS 10 Vulnerabilities
Pure Storage has released a critical security advisory detailing multiple high-severity vulnerabilities impacting its FlashArray and FlashBlade storage systems. These vulnerabilities, some with a...
Critical SQL Injection Vulnerability Discovered in ‘The Events Calendar’...
A severe security flaw has been identified in the popular WordPress plugin The Events Calendar, affecting all versions up to and including 6.6.4. Designated as CVE-2024-8275, the vulnerability has...
CVE-2024-0132 (CVSS 9.0): Critical Vulnerabilities Found in NVIDIA Container...
NVIDIA has recently issued a security bulletin addressing two vulnerabilities in its Container Toolkit (CTK), which could potentially expose organizations relying on GPU-accelerated containers to a...
Critical CUPS Vulnerabilities Expose Linux and Other Systems to Remote Attacks
In a significant development for cybersecurity, multiple critical vulnerabilities have been discovered in CUPS (Common Unix Printing System), a widely used print server on Linux systems and other...
Octo2 Malware Variant Threatens European Banks with Advanced Device Takeover...
A new and more dangerous variant of the notorious Octo banking malware, dubbed “Octo2,” has been discovered by cybersecurity researchers at ThreatFabric. Octo2, an evolution of the ExobotCompact...
Critical Vulnerabilities in Automated Tank Gauge Systems Threaten Global...
In a recent revelation, security researchers at Bitsight have uncovered severe vulnerabilities within Automated Tank Gauge (ATG) systems—integral components used to monitor fuel levels in storage tanks...
Phishing Frenzy: 140,000+ Websites Created with Sniper Dz in One Year
Cybersecurity researchers at Palo Alto Networks have uncovered a widespread Phishing-as-a-Service (PhaaS) platform known as Sniper Dz, which has facilitated the creation of over 140,000 phishing...
Critical Flaws Discovered in Jupiter X Core WordPress Plugin Affecting Over...
Security researchers have uncovered two critical vulnerabilities in the Jupiter X Core WordPress plugin, impacting over 90,000 websites. The flaws could allow unauthenticated attackers to take complete...
Flax Typhoon Botnet Exploits 66 Vulnerabilities: A Global Threat to Critical...
In a joint advisory, the Five Eyes intelligence alliance has warned of a widespread and ongoing cyberattack campaign attributed to the Chinese state-sponsored group, Flax Typhoon. This campaign...
VLC Media Player Update Needed: CVE-2024-46461 Discovered
Users of the popular VLC media player are being urged to update their software immediately following the discovery of a critical vulnerability that could allow malicious actors to crash the...