Vulnerability

Decoding AI Vulnerabilities: NIST’s Deep Dive into Adversarial Machine Learning

• Cyber Security
• Vulnerability

Decoding AI Vulnerabilities: NIST’s Deep Dive into Adversarial Machine Learning

Do Son January 8, 2024 0

In an age where artificial intelligence (AI) seamlessly integrates into our daily lives, a new publication from...

Read More Read more about Decoding AI Vulnerabilities: NIST’s Deep Dive into Adversarial Machine Learning

CVE-2024-21633 Let Attacker Gain Remote Code Execution in Mobile Security Framework (MobSF)

• Vulnerability

CVE-2024-21633 Let Attacker Gain Remote Code Execution in Mobile Security Framework (MobSF)

Do Son January 7, 2024 0

The discovery of a subtle yet potent vulnerability can send ripples across the industry. Recently, a security...

Read More Read more about CVE-2024-21633 Let Attacker Gain Remote Code Execution in Mobile Security Framework (MobSF)

North Korean APT’s Stealth Attack on Open-Source Ecosystems

• Malware
• Vulnerability

North Korean APT’s Stealth Attack on Open-Source Ecosystems

Do Son January 7, 2024 0

Security researchers at Phylum have been tracking a sophisticated cyber campaign involving a series of npm packages...

Read More Read more about North Korean APT’s Stealth Attack on Open-Source Ecosystems

Decoding the CVE-2023-39296 Vulnerability: A Technical and PoC Analysis

• Vulnerability

Decoding the CVE-2023-39296 Vulnerability: A Technical and PoC Analysis

Do Son January 6, 2024 0

The technical details and a proof-of-concept (PoC) were released for the recently patched security flaw, CVE-2023-39296, a...

Read More Read more about Decoding the CVE-2023-39296 Vulnerability: A Technical and PoC Analysis

CVE-2024-21633: The Critical Flaw in Apktool and How to Mitigate It

• Vulnerability

CVE-2024-21633: The Critical Flaw in Apktool and How to Mitigate It

Do Son January 5, 2024 0

In the intricate world of Android application development, tools like Apktool have been indispensable for developers and...

Read More Read more about CVE-2024-21633: The Critical Flaw in Apktool and How to Mitigate It

Researcher Exposes Inductive Automation Ignition Vulnerabilities: CVE-2023-39475 & 39476

• Vulnerability

Researcher Exposes Inductive Automation Ignition Vulnerabilities: CVE-2023-39475 & 39476

Do Son January 4, 2024 0

In January 2010, Inductive Automation introduced the Ignition platform, an integrated software solution for SCADA systems. Built...

Read More Read more about Researcher Exposes Inductive Automation Ignition Vulnerabilities: CVE-2023-39475 & 39476

Teleport’s Security Breach: Centralized System Faces Critical Vulnerabilities

• Vulnerability

Teleport’s Security Breach: Centralized System Faces Critical Vulnerabilities

Do Son January 4, 2024 0

Teleport, a renowned platform offering centralized authentication and auditing for servers and cloud applications, has recently found...

Read More Read more about Teleport’s Security Breach: Centralized System Faces Critical Vulnerabilities

CVE-2023-39336: Ivanti Addresses Major RCE Vulnerability

• Vulnerability

CVE-2023-39336: Ivanti Addresses Major RCE Vulnerability

Do Son January 4, 2024 0

Ivanti, a renowned name in IT asset and systems management, has addressed a severe security loophole in...

Read More Read more about CVE-2023-39336: Ivanti Addresses Major RCE Vulnerability

CVE-2023-51784 & 51785: Two Critical Security Flaws in Apache InLong

• Vulnerability

CVE-2023-51784 & 51785: Two Critical Security Flaws in Apache InLong

Do Son January 3, 2024 0

Apache InLong emerges as a pioneering framework, adept at harnessing the torrent of information flowing through the...

Read More Read more about CVE-2023-51784 & 51785: Two Critical Security Flaws in Apache InLong

CVE-2023-6600: Over 300,000 Sites at Risk from OMGF Plugin XSS Flaw

• Vulnerability

CVE-2023-6600: Over 300,000 Sites at Risk from OMGF Plugin XSS Flaw

Do Son January 3, 2024 0

The popular “OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.” plugin, a staple in over 300,000 WordPress...

Read More Read more about CVE-2023-6600: Over 300,000 Sites at Risk from OMGF Plugin XSS Flaw

$70K Bounty for Revealing CVE-2023-41974 Flaw, PoC Published

• Vulnerability

$70K Bounty for Revealing CVE-2023-41974 Flaw, PoC Published

Do Son January 3, 2024 0

Proof-of-concept (PoC) code has been released for iOS and macOS vulnerability, CVE-2023-41974, which can be chained to...

Read More Read more about $70K Bounty for Revealing CVE-2023-41974 Flaw, PoC Published

CVE-2023-48419 & 6339: Urgent Update on Google Nest’s Critical Flaws

• Vulnerability

CVE-2023-48419 & 6339: Urgent Update on Google Nest’s Critical Flaws

Do Son January 2, 2024 0

In a digital era where smart home devices are becoming ubiquitous, Google’s latest security bulletin for December...

Read More Read more about CVE-2023-48419 & 6339: Urgent Update on Google Nest’s Critical Flaws

CVE-2023-48418: A maximum severity vulnerability in Pixel Watch

• Vulnerability

CVE-2023-48418: A maximum severity vulnerability in Pixel Watch

Do Son January 2, 2024 0

In the realm of wearable technology, security often takes a backseat to functionality and design. However, the...

Read More Read more about CVE-2023-48418: A maximum severity vulnerability in Pixel Watch

PandoraFMS Enterprise: Unveiling 18 High-Risk Network Vulnerabilities

• Vulnerability

PandoraFMS Enterprise: Unveiling 18 High-Risk Network Vulnerabilities

Do Son January 2, 2024 0

NCC Group’s security researchers unearthed 18 vulnerabilities in PandoraFMS Enterprise v7.0NG.767, a network monitoring and management application...

Read More Read more about PandoraFMS Enterprise: Unveiling 18 High-Risk Network Vulnerabilities

CISA Warns of Active Exploitation of Chromium and Spreadsheet::ParseExcel

• Vulnerability

CISA Warns of Active Exploitation of Chromium and Spreadsheet::ParseExcel

Do Son January 2, 2024 0

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning that underscores the ongoing...

Read More Read more about CISA Warns of Active Exploitation of Chromium and Spreadsheet::ParseExcel

CVE-2023-32434 Exploited: PoC Unlocks Full Command of iOS Devices

• Vulnerability

CVE-2023-32434 Exploited: PoC Unlocks Full Command of iOS Devices

Do Son January 2, 2024 0

Proof-of-concept (PoC) code has been released for a zero-day iOS vulnerability (CVE-2023-32434) that can be chained to...

Read More Read more about CVE-2023-32434 Exploited: PoC Unlocks Full Command of iOS Devices

Qualcomm Patches 3 Critical Flaws in January 2024 Security Bulletin

• Vulnerability

Qualcomm Patches 3 Critical Flaws in January 2024 Security Bulletin

Do Son January 2, 2024 0

In a proactive maneuver, US chip giant Qualcomm has recently addressed 14 vulnerabilities within its array of...

Read More Read more about Qualcomm Patches 3 Critical Flaws in January 2024 Security Bulletin

Security Joes Unveils Stealthy Windows Hijack Technique via WinSxS

• Malware
• Vulnerability

Security Joes Unveils Stealthy Windows Hijack Technique via WinSxS

Do Son January 1, 2024 0

In the ever-evolving landscape of cybersecurity, threat actors continuously seek new methods to compromise systems. A groundbreaking...

Read More Read more about Security Joes Unveils Stealthy Windows Hijack Technique via WinSxS

CVE-2023-50255: The Threat Inside Deepin Linux’s Archive Manager

• Vulnerability

CVE-2023-50255: The Threat Inside Deepin Linux’s Archive Manager

Do Son January 1, 2024 0

Deepin is a popular Linux distribution based on the Debian “stable” branch. It’s highly praised for its...

Read More Read more about CVE-2023-50255: The Threat Inside Deepin Linux’s Archive Manager

CVE-2023-50226 Exposed: PoC Code Threatens Parallels Desktop Security

• Vulnerability

CVE-2023-50226 Exposed: PoC Code Threatens Parallels Desktop Security

Do Son January 1, 2024 0

Proof-of-concept (PoC) exploit code has been made available for a recently disclosed flaw, CVE-2023-50226 (CVSS 7.8), impacting...

Read More Read more about CVE-2023-50226 Exposed: PoC Code Threatens Parallels Desktop Security