The Cyble Research and Intelligence Labs (CRIL) has uncovered a persistent malware campaign specifically targeting Ukrainian individuals and organizations. This campaign, attributed to the threat actor group UAC-0184, leverages sophisticated...
The Avaya IP Office, a popular telephony system used by businesses worldwide, is facing a critical security threat. Two newly discovered vulnerabilities, CVE-2024-4196 and CVE-2024-4197, have been identified and could...
ReversingLabs researchers have uncovered a malicious package named “legacyreact-aws-s3-typescript” on the npm registry. The package, designed to mimic a legitimate tool for uploading files to Amazon S3 buckets, was found...
Rockwell Automation, a global leader in industrial automation and digital transformation, has issued a security advisory urging users of its ThinManager software to update to the latest versions following the...
AhnLab Security Intelligence Center (ASEC) has issued a warning regarding the re-emergence of the DBatLoader malware, a notorious downloader known for its historical involvement in phishing campaigns. The malware has...
GitLab, a leading platform for DevOps lifecycle tools, has announced the release of critical updates for both its Community Edition (CE) and Enterprise Edition (EE). The new versions, 17.1.1, 17.0.3,...
A critical SQL Injection vulnerability (CVE-2024-5276) has been discovered in Fortra FileCatalyst Workflow, a popular enterprise file transfer solution. This vulnerability could allow attackers to tamper with application data, potentially...
Xlab uncovered a new threat emerging from the notorious “8220” mining gang, also known as “Water Sigbin.” This gang, originating from China and active since 2017, has been a persistent...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These security flaws, impacting GeoSolutionsGroup, the Linux Kernel, and Roundcube...
A critical vulnerability (CVE-2024-38373) has been discovered in FreeRTOS-Plus-TCP, a popular TCP/IP stack widely used in Internet of Things (IoT) devices and embedded systems. This high-severity flaw, assigned a CVSS...
Progress Software Corporation has issued a dire warning to all users of its WhatsUp Gold network monitoring software, revealing a series of severe vulnerabilities that could have devastating consequences if...
Cybersecurity researchers at K7 Security Labs have pulled back the curtain on a sophisticated and insidious Android Remote Administration Tool (RAT) they’ve dubbed “SpyMax.” This malicious software, specifically designed to...
A security researcher has published a proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2024-30088) in Microsoft Windows. This critical flaw holds a risk severity score of 7.0 and...
A critical vulnerability (CVE-2024-5806) in the widely used MOVEit Transfer file transfer software has been disclosed and is already under active exploitation. Progress Software, the developer of MOVEit, released information...
Singapore’s digital landscape is facing a mounting threat as cybercriminals exploit stolen digital identities of its citizens on the Dark Web, according to a recent report by cybersecurity firm Resecurity....
Support Securityonline.info site. Thanks!
