The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited security flaw in Apache OFBiz, a popular open-source enterprise resource planning (ERP) system....
Black Lotus Labs, a threat intelligence team within Lumen Technologies, has uncovered the active exploitation of a zero-day vulnerability in Versa Director servers, identified as CVE-2024-39717. This critical vulnerability, which...
Two critical vulnerabilities have been discovered in the popular GPS tracking system Traccar, which is used for both personal and corporate applications. The vulnerabilities, identified as CVE-2024-31214 and CVE-2024-24809, could...
In Argentina, the police have uncovered an illegal financial organization engaged in the exchange of fiat and cryptocurrencies, which may be connected to North Korean hackers. The organization was led...
A critical vulnerability, identified as CVE-2024-42531 and rated with a CVSS score of 9.8 (Critical), has been discovered in the Ezviz Internet PT Camera CS-CV246. This flaw enables unauthorized individuals...
In a significant development for cybersecurity professionals, security researcher Ynwarcs has published an in-depth analysis and proof-of-concept (PoC) exploit code for a critical zero-click CVE-2024-38063 vulnerability in Windows TCP/IP. This...
In a recent and alarming development, the popular messaging client Pidgin has removed a third-party plugin, “ss-otr,” from its plugin list after it was discovered to contain a malicious keylogger....
A severe security flaw (CVE-2024-6386, CVSS 9.9) has been discovered in the widely-used WPML plugin for WordPress, potentially exposing over one million websites to the risk of complete takeover. The...
Perception Point security researchers have recently uncovered a disturbing trend in phishing attacks: the exploitation of URL rewriting features, a mechanism designed to protect users, is now being weaponized by...
In a significant update to its security advisory, Google has confirmed that CVE-2024-7965, a high-severity zero-day vulnerability in the Chrome browser, has been actively exploited in the wild. This revelation...
Meta, the company that owns the popular social networks Facebook, Instagram, and the messaging service WhatsApp, has uncovered attempts to hack the accounts of American officials. The hackers targeted representatives...
A group of security researchers has uncovered vulnerabilities in Apple Pay, Google Pay, and PayPal systems, which allow stolen and canceled payment cards to be used for transactions. The findings...
Mozilla has removed the integration with Adjust from its Firefox and Firefox Klar (Firefox Focus) browsers for Android and iOS. The Adjust SDK was used to measure the effectiveness of...
Centreon, a widely-used open-source monitoring solution, has issued a critical security bulletin addressing multiple SQL injection vulnerabilities in its Centreon Web interface. These vulnerabilities, identified as CVE-2024-32501, CVE-2024-33852, CVE-2024-33853, CVE-2024-33854,...
Uber, the renowned ride-hailing service provider, was recently hit with a record-breaking fine of €290 million by the Dutch privacy regulator for failing to comply with EU regulations by transferring...
Support Securityonline.info site. Thanks!
