News Archives • Page 368 of 632 • Daily CyberSecurity

CVE-2024-10217 & CVE-2024-10218: TIBCO Hawk Faces Critical Security Risks TIBCO Operational Intelligence Hawk - CVE-2024-10217 & CVE-2024-10218

CVE-2024-10217 & CVE-2024-10218: TIBCO Hawk Faces Critical Security Risks

Ddos November 17, 2024

TIBCO, a prominent provider of enterprise integration and management software, has issued urgent security advisories addressing two...

PXA Stealer: New Malware Targets Governments and Education Across Europe and Asia

Ddos November 17, 2024

Cisco Talos recently identified a sophisticated cyber campaign targeting sensitive information in government and educational sectors across...

Apache Traffic Server Patches Critical Vulnerabilities in Latest Release Apache Traffic Server - CVE-2024-50306

Apache Traffic Server Patches Critical Vulnerabilities in Latest Release

Ddos November 17, 2024

The Apache Software Foundation has released a security update for Apache Traffic Server, addressing three critical vulnerabilities...

Glove Stealer Malware Bypasses Chrome Encryption, Steals Sensitive Data

Ddos November 17, 2024

In a recent analysis by Jan Rubín, Senior Malware Researcher at Gen Digital, a new malware known...

CVE-2024-8856: WP Time Capsule Plugin Vulnerability Exposes 20,000+ Sites to TakeOver Backup and Staging - CVE-2024-8856

CVE-2024-8856: WP Time Capsule Plugin Vulnerability Exposes 20,000+ Sites to TakeOver

Ddos November 16, 2024

A high-severity vulnerability in WP Time Capsule, a popular WordPress backup plugin, has left over 20,000 websites...

Two-Step Phishing Technique Leveraging Microsoft Visio Files Exposed by Researchers

Ddos November 16, 2024

Perception Point’s latest findings have uncovered an advanced two-step phishing technique exploiting Microsoft Visio files (.vsdx) and...

CVE-2024-45784: Apache Airflow Vulnerability Exposes Sensitive Data in Logs Airflow Credential Leak, UI Redaction Failure CVE-2024-39877 & CVE-2024-45784 Airflow Connection Leak, CVE-2025-54831

Airflow Credential Leak, UI Redaction Failure CVE-2024-39877 & CVE-2024-45784 Airflow Connection Leak, CVE-2025-54831

CVE-2024-45784: Apache Airflow Vulnerability Exposes Sensitive Data in Logs

Ddos November 16, 2024

A vulnerability in the popular workflow management platform Apache Airflow could inadvertently expose sensitive configuration data, potentially...

Zero-Day Vulnerability in FortiClient Exploited by BrazenBamboo APT BrazenBamboo - DEEPPOST malware

Zero-Day Vulnerability in FortiClient Exploited by BrazenBamboo APT

Ddos November 15, 2024

Cybersecurity firm Volexity has uncovered a zero-day vulnerability in Fortinet’s Windows VPN client, FortiClient, being exploited by...

Cyber Espionage Campaign: North Korean Actors Deploy BeaverTail and InvisibleFerret North Korean Cyber Tactics

Cyber Espionage Campaign: North Korean Actors Deploy BeaverTail and InvisibleFerret

Ddos November 15, 2024

The eSentire Threat Response Unit (TRU) recently uncovered a sophisticated attack involving the BeaverTail and InvisibleFerret malware...

New Melofee Backdoor Variant Targets Linux Systems with Advanced Stealth Tactics

Ddos November 15, 2024

Cybersecurity researchers from XLabs have identified a sophisticated new variant of the Melofee backdoor, a C++ malware...

CVE-2024-49369 (CVSS 9.8): Critical Flaw in Icinga 2 Allows for Impersonation and RCE

Ddos November 15, 2024

Icinga releases urgent security updates to address a critical TLS certificate validation bypass vulnerability affecting all versions...

PHP Reinfector Malware Wreaks Havoc on WordPress Sites Houzez theme - CVE-2024-22303 and CVE-2024-21743

PHP Reinfector Malware Wreaks Havoc on WordPress Sites

Ddos November 15, 2024

In an in-depth investigation, Puja Srivastava, a security analyst at Sucuri, recently uncovered a sophisticated PHP reinfector...

Palo Alto Networks Raises Alarm on Firewall Vulnerability Following Active Exploitation Palo Alto Networks Exploitation

Palo Alto Networks Raises Alarm on Firewall Vulnerability Following Active Exploitation

Ddos November 15, 2024

Today, Palo Alto Networks, a leading cybersecurity firm, has issued an urgent update to a recent security...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

CVE-2024-11120 (CVSS 9.8): OS Command Injection Flaw in GeoVision Devices Actively Exploited, No Patch

Ddos November 15, 2024

The Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) has issued a warning about an actively...

Bitfinex Hacker Sentenced to 5 Years for Massive Bitcoin Heist and Laundering Scheme CMDSS ZachXBT crypto theft, John Daghita U.S. Marshals investigation Bitfinex Hacker - DMM Bitcoin Cyberattack

CMDSS ZachXBT crypto theft, John Daghita U.S. Marshals investigation Bitfinex Hacker - DMM Bitcoin Cyberattack

Bitfinex Hacker Sentenced to 5 Years for Massive Bitcoin Heist and Laundering Scheme

Ddos November 15, 2024

Ilya Lichtenstein, the mastermind behind the infamous 2016 Bitfinex hack, has been sentenced to five years in...

Synology Issues Patches for Critical Camera Flaws Discovered at Pwn2Own Synology vulnerability

Synology Issues Patches for Critical Camera Flaws Discovered at Pwn2Own

Ddos November 14, 2024

Synology, a leading provider of network-attached storage (NAS) solutions, has released urgent security updates to address multiple...

Critical Laravel Flaw (CVE-2024-52301) Exposes Millions of Web Applications to Attack

Ddos November 14, 2024

A critical security vulnerability, CVE-2024-52301, has been identified in the Laravel framework, a popular web application framework...

CVE-2024-10924 (CVSS 9.8): Authentication Bypass in Really Simple Security Plugin Affects 4 Million Sites

Ddos November 14, 2024

The Wordfence Threat Intelligence team identified a severe authentication bypass vulnerability (CVE-2024-10924) in the Really Simple Security...

CISA Flags Critical Exploits in Palo Alto Networks’ Expedition with Public PoC Code DELMIA Apriso RCE, CISA KEV Exploitation ServiceNow Vulnerabilities

DELMIA Apriso RCE, CISA KEV Exploitation ServiceNow Vulnerabilities

CISA Flags Critical Exploits in Palo Alto Networks’ Expedition with Public PoC Code

Ddos November 14, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two critical vulnerabilities in...

TAG-112 Targets Tibetan Community via Waterholing Attack TAG-112 threat actor

TAG-112 Targets Tibetan Community via Waterholing Attack

Ddos November 14, 2024

In a recent report by the Insikt Group, cybersecurity analysts reveal how the China-nexus threat actor TAG-112...

Critical Alert 1 Active Exploit Detected Today