Vulnerability

Critical Zero-Day Vulnerability in Windows Exposes User Credentials

• Vulnerability

Critical Zero-Day Vulnerability in Windows Exposes User Credentials

Ddos December 5, 2024 0

A newly discovered zero-day vulnerability affecting all supported and legacy versions of Microsoft Windows allows attackers to...

Read More Read more about Critical Zero-Day Vulnerability in Windows Exposes User Credentials

Django Releases Patches for CVE-2024-53907 and CVE-2024-53908 to Mitigate DoS and SQLi Threats

• Vulnerability

Django Releases Patches for CVE-2024-53907 and CVE-2024-53908 to Mitigate DoS and SQLi Threats

Ddos December 5, 2024 0

The Django team has recently announced the release of Django 5.1.4, Django 5.0.10, and Django 4.2.17 to...

Read More Read more about Django Releases Patches for CVE-2024-53907 and CVE-2024-53908 to Mitigate DoS and SQLi Threats

Browser Isolation Bypassed: QR Codes Used in Novel C2 Attacks

• Cyber Security
• Vulnerability

Browser Isolation Bypassed: QR Codes Used in Novel C2 Attacks

Ddos December 5, 2024 0

Browser isolation technology, often lauded as a cornerstone of modern cybersecurity, is not impervious to creative exploitation....

Read More Read more about Browser Isolation Bypassed: QR Codes Used in Novel C2 Attacks

CVE-2024-43222 (CVSS 9.8): Critical Flaw in Sweet Date WordPress Theme Exposes Thousands of Sites to Potential Takeovers

• Vulnerability

CVE-2024-43222 (CVSS 9.8): Critical Flaw in Sweet Date WordPress Theme Exposes Thousands of Sites to Potential Takeovers

Ddos December 5, 2024 0

A critical vulnerability (CVE-2024-43222) has been identified in the Sweet Date WordPress theme, a popular premium theme...

Read More Read more about CVE-2024-43222 (CVSS 9.8): Critical Flaw in Sweet Date WordPress Theme Exposes Thousands of Sites to Potential Takeovers

Multiple Vulnerabilities in SonicWall SMA 100 Could Lead to Remote Code Execution

• Vulnerability

Multiple Vulnerabilities in SonicWall SMA 100 Could Lead to Remote Code Execution

Ddos December 5, 2024 0

SonicWall has issued a security advisory regarding several vulnerabilities impacting its SMA 100 series SSL-VPN products. These...

Read More Read more about Multiple Vulnerabilities in SonicWall SMA 100 Could Lead to Remote Code Execution

CVE-2024-53990 (CVSS 9.2): AsyncHttpClient Vulnerability Puts Java Applications at Risk

• Vulnerability

CVE-2024-53990 (CVSS 9.2): AsyncHttpClient Vulnerability Puts Java Applications at Risk

Ddos December 5, 2024 0

A critical severity vulnerability (CVE-2024-53990) has been discovered in the AsyncHttpClient (AHC) library, a popular Java library...

Read More Read more about CVE-2024-53990 (CVSS 9.2): AsyncHttpClient Vulnerability Puts Java Applications at Risk

Veeam Backup & Replication Vulnerabilities Exposed: High-Severity Flaws Put Data at Risk

• Vulnerability

Veeam Backup & Replication Vulnerabilities Exposed: High-Severity Flaws Put Data at Risk

Ddos December 4, 2024 0

Veeam Software, a prominent provider of backup, recovery, and data management solutions, has released a security update...

Read More Read more about Veeam Backup & Replication Vulnerabilities Exposed: High-Severity Flaws Put Data at Risk

Five Flaws in Lorex 2K Security Cameras Enable Hackers to Take Full Control, PoC Published

• Vulnerability

Five Flaws in Lorex 2K Security Cameras Enable Hackers to Take Full Control, PoC Published

Ddos December 4, 2024 0

Rapid7’s latest research reveals a series of critical vulnerabilities in the Lorex 2K Indoor Wi-Fi Security Camera,...

Read More Read more about Five Flaws in Lorex 2K Security Cameras Enable Hackers to Take Full Control, PoC Published

CVE-2024-10905 (CVSS 10): Critical Vulnerability in SailPoint IdentityIQ Exposes Sensitive Data

• Vulnerability

CVE-2024-10905 (CVSS 10): Critical Vulnerability in SailPoint IdentityIQ Exposes Sensitive Data

Ddos December 4, 2024 0

A critical vulnerability has been discovered in SailPoint IdentityIQ, a widely used identity and access management (IAM)...

Read More Read more about CVE-2024-10905 (CVSS 10): Critical Vulnerability in SailPoint IdentityIQ Exposes Sensitive Data

CVE-2024-51378 (CVSS 10): Critical CyberPanel Flaw Under Active Attack, CISA Warns

• Vulnerability

CVE-2024-51378 (CVSS 10): Critical CyberPanel Flaw Under Active Attack, CISA Warns

Ddos December 4, 2024 0

The Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in CyberPanel, an open-source...

Read More Read more about CVE-2024-51378 (CVSS 10): Critical CyberPanel Flaw Under Active Attack, CISA Warns

Exploit Code Available: Critical Flaw Found in WhatsUp Gold- CVE-2024-8785 (CVSS 9.8)

• Vulnerability

Exploit Code Available: Critical Flaw Found in WhatsUp Gold- CVE-2024-8785 (CVSS 9.8)

Ddos December 4, 2024 0

Tenable’s latest vulnerability analysis has exposed a critical flaw, CVE-2024-8785, in WhatsUp Gold versions prior to 24.0.1....

Read More Read more about Exploit Code Available: Critical Flaw Found in WhatsUp Gold- CVE-2024-8785 (CVSS 9.8)

I-O DATA Routers Under Attack: Urgent Firmware Update Needed!

• Vulnerability

I-O DATA Routers Under Attack: Urgent Firmware Update Needed!

Ddos December 3, 2024 0

Multiple vulnerabilities have been discovered in I-O DATA routers UD-LT1 and UD-LT1/EX, and active exploitation is already...

Read More Read more about I-O DATA Routers Under Attack: Urgent Firmware Update Needed!

PoC Exploit Releases for Critical Zabbix Vulnerability – CVE-2024-42327 (CVSS 9.9)

• Vulnerability

PoC Exploit Releases for Critical Zabbix Vulnerability – CVE-2024-42327 (CVSS 9.9)

Ddos December 3, 2024 0

Security researcher Alejandro Ramos has published a detailed technical analysis and proof-of-concept (PoC) exploit code for CVE-2024-42327,...

Read More Read more about PoC Exploit Releases for Critical Zabbix Vulnerability – CVE-2024-42327 (CVSS 9.9)

CVE-2024-42448 (CVSS 9.9): Critical RCE Vulnerability in Veeam VSPC

• Vulnerability

CVE-2024-42448 (CVSS 9.9): Critical RCE Vulnerability in Veeam VSPC

Ddos December 3, 2024 0

Veeam Software, a prominent provider of backup and disaster recovery solutions, has released urgent security updates to...

Read More Read more about CVE-2024-42448 (CVSS 9.9): Critical RCE Vulnerability in Veeam VSPC

PoC Confirms Root Privilege Exploit in TP-Link Archer AXE75 Vulnerability (CVE-2024-53375)

• Vulnerability

PoC Confirms Root Privilege Exploit in TP-Link Archer AXE75 Vulnerability (CVE-2024-53375)

Ddos December 3, 2024 0

A newly discovered vulnerability in the TP-Link Archer AXE75 router, tracked as CVE-2024-53375, could allow remote attackers...

Read More Read more about PoC Confirms Root Privilege Exploit in TP-Link Archer AXE75 Vulnerability (CVE-2024-53375)

CISA Flags Three Actively Exploited Vulnerabilities in Critical Systems

• Vulnerability

CISA Flags Three Actively Exploited Vulnerabilities in Critical Systems

Ddos December 3, 2024 0

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding three critical security vulnerabilities actively...

Read More Read more about CISA Flags Three Actively Exploited Vulnerabilities in Critical Systems

Google Chrome Addresses High-Severity Flaw in V8 JavaScript Engine (CVE-2024-12053)

• Vulnerability

Google Chrome Addresses High-Severity Flaw in V8 JavaScript Engine (CVE-2024-12053)

Ddos December 3, 2024 0

Google has released a security update for its Chrome web browser to mitigate a high-severity “type confusion”...

Read More Read more about Google Chrome Addresses High-Severity Flaw in V8 JavaScript Engine (CVE-2024-12053)

Protect Your Network: Zyxel Issues Firmware Updates

• Vulnerability

Protect Your Network: Zyxel Issues Firmware Updates

Ddos December 3, 2024 0

Zyxel Networks has released firmware updates to address multiple vulnerabilities affecting a range of its networking products,...

Read More Read more about Protect Your Network: Zyxel Issues Firmware Updates

Cisco Confirms Active Exploitation of Decade-Old WebVPN Vulnerability in ASA Software

• Vulnerability

Cisco Confirms Active Exploitation of Decade-Old WebVPN Vulnerability in ASA Software

Ddos December 3, 2024 0

Cisco Systems has issued an updated security advisory regarding CVE-2014-2120, a vulnerability affecting the WebVPN login page...

Read More Read more about Cisco Confirms Active Exploitation of Decade-Old WebVPN Vulnerability in ASA Software

Critical Vulnerabilities in mySCADA myPRO Software Pose Significant Risk to Industrial Control Systems

• Vulnerability

Critical Vulnerabilities in mySCADA myPRO Software Pose Significant Risk to Industrial Control Systems

Ddos December 3, 2024 0

Researchers have disclosed critical vulnerabilities in mySCADA’s myPRO software, a widely deployed industrial automation platform. These security...

Read More Read more about Critical Vulnerabilities in mySCADA myPRO Software Pose Significant Risk to Industrial Control Systems