Vulnerability

North Korean Hackers Exploit Zero-Day Flaw (CVE-2024-38178) in “Operation Code on Toast”

• Cyber Security
• Vulnerability

North Korean Hackers Exploit Zero-Day Flaw (CVE-2024-38178) in “Operation Code on Toast”

Ddos October 16, 2024 0

A joint report by AhnLab Security Emergency response Center (ASEC) and the National Cyber Security Center (NCSC)...

Read More Read more about North Korean Hackers Exploit Zero-Day Flaw (CVE-2024-38178) in “Operation Code on Toast”

CVE-2024-9486 (CVSS 9.8): Kubernetes Image Builder Flaw Exposes VMs to Root Access

• Vulnerability

CVE-2024-9486 (CVSS 9.8): Kubernetes Image Builder Flaw Exposes VMs to Root Access

Ddos October 15, 2024 0

The Kubernetes Security Response Committee has disclosed two security vulnerabilities (CVE-2024-9486 and CVE-2024-9594) in the Kubernetes Image...

Read More Read more about CVE-2024-9486 (CVSS 9.8): Kubernetes Image Builder Flaw Exposes VMs to Root Access

“Command-Jacking”: New Supply Chain Attack Hijacks CLI Tools

• Vulnerability

“Command-Jacking”: New Supply Chain Attack Hijacks CLI Tools

Ddos October 15, 2024 0

In a report by Yehuda Gelb and Elad Rapoport from the Checkmarx Security Research Team, a new...

Read More Read more about “Command-Jacking”: New Supply Chain Attack Hijacks CLI Tools

CVE-2024-9634 (CVSS 9.8): Critical GiveWP Flaw Exposes 100,000+ WordPress Sites to RCE

• Vulnerability

CVE-2024-9634 (CVSS 9.8): Critical GiveWP Flaw Exposes 100,000+ WordPress Sites to RCE

Ddos October 15, 2024 0

A critical security vulnerability (CVE-2024-9634) has been discovered and patched in GiveWP, a popular WordPress donation plugin...

Read More Read more about CVE-2024-9634 (CVSS 9.8): Critical GiveWP Flaw Exposes 100,000+ WordPress Sites to RCE

Rittal IoT Interface and CMC III Processing Unit Plagued by Critical Security Flaws

• Vulnerability

Rittal IoT Interface and CMC III Processing Unit Plagued by Critical Security Flaws

Ddos October 15, 2024 0

Rittal, a leading provider of industrial automation solutions, has addressed multiple vulnerabilities in their IoT Interface and...

Read More Read more about Rittal IoT Interface and CMC III Processing Unit Plagued by Critical Security Flaws

Broken Promises: E2EE Cloud Storage Vulnerabilities Exposed

• Vulnerability

Broken Promises: E2EE Cloud Storage Vulnerabilities Exposed

Ddos October 15, 2024 0

In a world where data privacy is a growing concern, end-to-end encryption (E2EE) cloud storage systems promise to...

Read More Read more about Broken Promises: E2EE Cloud Storage Vulnerabilities Exposed

Critical Vulnerabilities Found in mbNET.mini Industrial Routers Could Allow for Full System Takeover

• Vulnerability

Critical Vulnerabilities Found in mbNET.mini Industrial Routers Could Allow for Full System Takeover

Ddos October 15, 2024 0

A security advisory issued by CERT@VDE has revealed multiple critical vulnerabilities in the mbNET.mini industrial router, a...

Read More Read more about Critical Vulnerabilities Found in mbNET.mini Industrial Routers Could Allow for Full System Takeover

CISA Warns Actively Exploited Vulnerabilities, Including Windows Kernel Flaw and Firefox Zero-Day

• Vulnerability

CISA Warns Actively Exploited Vulnerabilities, Including Windows Kernel Flaw and Firefox Zero-Day

Ddos October 15, 2024 0

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited security...

Read More Read more about CISA Warns Actively Exploited Vulnerabilities, Including Windows Kernel Flaw and Firefox Zero-Day

Helmholz REX100 Industrial Routers Found Vulnerable to Critical Security Exploits

• Vulnerability

Helmholz REX100 Industrial Routers Found Vulnerable to Critical Security Exploits

Ddos October 15, 2024 0

CERT@VDE has issued a security advisory disclosing multiple vulnerabilities in Helmholz REX100 industrial routers, potentially allowing unauthorized...

Read More Read more about Helmholz REX100 Industrial Routers Found Vulnerable to Critical Security Exploits

PoC Exploit Release for Windows Kernel-Mode Driver Elevation of Privilege Flaw (CVE-2024-35250)

• Vulnerability

PoC Exploit Release for Windows Kernel-Mode Driver Elevation of Privilege Flaw (CVE-2024-35250)

Ddos October 14, 2024 0

In a detailed analysis by security researcher Angelboy (@scwuaptx) from the DEVCORE Research Team, the critical vulnerability...

Read More Read more about PoC Exploit Release for Windows Kernel-Mode Driver Elevation of Privilege Flaw (CVE-2024-35250)

CVE-2024-9312: Ubuntu Authd Flaw Allows User ID Spoofing

• Vulnerability

CVE-2024-9312: Ubuntu Authd Flaw Allows User ID Spoofing

Ddos October 14, 2024 0

Canonical has recently issued a security advisory addressing a vulnerability (CVE-2024-9312, CVSS 7.6) in Authd, an authentication...

Read More Read more about CVE-2024-9312: Ubuntu Authd Flaw Allows User ID Spoofing

Earth Simnavaz Exploits Windows Kernel Flaw CVE-2024-30088 in Attacks on Critical Infrastructure

• Cyber Security
• Vulnerability

Earth Simnavaz Exploits Windows Kernel Flaw CVE-2024-30088 in Attacks on Critical Infrastructure

Ddos October 14, 2024 0

Trend Micro researchers have uncovered a series of advanced cyberattacks carried out by the threat group Earth...

Read More Read more about Earth Simnavaz Exploits Windows Kernel Flaw CVE-2024-30088 in Attacks on Critical Infrastructure

Critical Security Vulnerability in Jetpack Plugin Affects Millions of WordPress Websites

• Vulnerability

Critical Security Vulnerability in Jetpack Plugin Affects Millions of WordPress Websites

Ddos October 14, 2024 0

Jetpack, a popular WordPress plugin developed by Automattic, has released a critical security update today, addressing a...

Read More Read more about Critical Security Vulnerability in Jetpack Plugin Affects Millions of WordPress Websites

Splunk Patches Critical Vulnerabilities, Including Remote Code Execution Flaws

• Vulnerability

Splunk Patches Critical Vulnerabilities, Including Remote Code Execution Flaws

Ddos October 14, 2024 0

Splunk, a leading platform for data analytics and security monitoring, has released a slew of security updates...

Read More Read more about Splunk Patches Critical Vulnerabilities, Including Remote Code Execution Flaws

CVE-2024-9137 (CVSS 9.4) in Moxa’s Cellular Routers and Security Appliances: Immediate Patching Required

• Vulnerability

CVE-2024-9137 (CVSS 9.4) in Moxa’s Cellular Routers and Security Appliances: Immediate Patching Required

Ddos October 14, 2024 0

In a recently disclosed security advisory, Moxa has revealed two critical vulnerabilities affecting its cellular routers, secure...

Read More Read more about CVE-2024-9137 (CVSS 9.4) in Moxa’s Cellular Routers and Security Appliances: Immediate Patching Required

CVE-2024-9921 (CVSS 9.8): Critical Flaw Found in Popular Business Collaboration Tool Team+

• Vulnerability

CVE-2024-9921 (CVSS 9.8): Critical Flaw Found in Popular Business Collaboration Tool Team+

Ddos October 14, 2024 0

In a recent vulnerability note issued by TWCERT/CC (Taiwan Computer Emergency Response Team / Coordination Center), three...

Read More Read more about CVE-2024-9921 (CVSS 9.8): Critical Flaw Found in Popular Business Collaboration Tool Team+

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

• Vulnerability

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

Ddos October 13, 2024 0

A new analysis by security researcher Michael Stepankin (@artsploit) of the GitHub Security Lab (GHSL) has uncovered...

Read More Read more about Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

$50,000 Bounty: Researcher Reveals Critical Zendesk Email Spoofing Flaw (CVE-2024-49193)

• Vulnerability

$50,000 Bounty: Researcher Reveals Critical Zendesk Email Spoofing Flaw (CVE-2024-49193)

Ddos October 13, 2024 0

In a detailed analysis by security researcher Daniel, a serious vulnerability in Zendesk’s email management system, tracked...

Read More Read more about $50,000 Bounty: Researcher Reveals Critical Zendesk Email Spoofing Flaw (CVE-2024-49193)

Bitcoin Core Vulnerability (CVE-2024-35202) Enables Remote Node Crashes

• Vulnerability

Bitcoin Core Vulnerability (CVE-2024-35202) Enables Remote Node Crashes

Ddos October 13, 2024 0

A high-severity vulnerability, tracked as CVE-2024-35202 and assigned a CVSS v3.0 base score of 7.5, has been...

Read More Read more about Bitcoin Core Vulnerability (CVE-2024-35202) Enables Remote Node Crashes

GitHub Enterprise Server Patches Critical Security Flaw – CVE-2024-9487 (CVSS 9.5)

• Vulnerability

GitHub Enterprise Server Patches Critical Security Flaw – CVE-2024-9487 (CVSS 9.5)

Ddos October 13, 2024 0

GitHub has released security updates to address two vulnerabilities in GitHub Enterprise Server, one of which could...

Read More Read more about GitHub Enterprise Server Patches Critical Security Flaw – CVE-2024-9487 (CVSS 9.5)