Vulnerability

CVE-2024-28397: js2py Vulnerability Exposes Millions of Python Users to RCE

• Vulnerability

CVE-2024-28397: js2py Vulnerability Exposes Millions of Python Users to RCE

do son June 21, 2024

A critical vulnerability in js2py, a widely-used Python library with over 1 million monthly downloads, has left...

Read More Read more about CVE-2024-28397: js2py Vulnerability Exposes Millions of Python Users to RCE

PrestaShop Sites Under Attack via Facebook Module Vulnerability (CVE-2024-36680)

• Vulnerability

PrestaShop Sites Under Attack via Facebook Module Vulnerability (CVE-2024-36680)

do son June 20, 2024

A critical vulnerability in a popular PrestaShop module, “Facebook” (pkfacebook) by Promokit.eu, has been discovered and is...

Read More Read more about PrestaShop Sites Under Attack via Facebook Module Vulnerability (CVE-2024-36680)

CosmicSting (CVE-2024-34102): A Critical E-Commerce Vulnerability Threatening Millions of Online Stores

• Vulnerability

CosmicSting (CVE-2024-34102): A Critical E-Commerce Vulnerability Threatening Millions of Online Stores

do son June 20, 2024

A newly discovered vulnerability dubbed “CosmicSting” (CVE-2024-34102) has sent shockwaves through the e-commerce world, potentially jeopardizing millions...

Read More Read more about CosmicSting (CVE-2024-34102): A Critical E-Commerce Vulnerability Threatening Millions of Online Stores

Ghostscript Patches Multiple Vulnerabilities, Potential for Arbitrary Code Execution

• Vulnerability

Ghostscript Patches Multiple Vulnerabilities, Potential for Arbitrary Code Execution

do son June 20, 2024

Ghostscript, a widely-used open-source software for rendering and converting PostScript and PDF files, has released a critical...

Read More Read more about Ghostscript Patches Multiple Vulnerabilities, Potential for Arbitrary Code Execution

PoC Published for Critical Nvidia Triton Inference Server Vulnerabilities

• Vulnerability

PoC Published for Critical Nvidia Triton Inference Server Vulnerabilities

do son June 20, 2024

Cybersecurity researcher Zhiniang Peng published the technical details and proof-of-concept for two serious vulnerabilities in NVIDIA’s widely...

Read More Read more about PoC Published for Critical Nvidia Triton Inference Server Vulnerabilities

Fortra Warns: Hard-Coded Password Vulnerability in FileCatalyst – CVE-2024-5275

• Vulnerability

Fortra Warns: Hard-Coded Password Vulnerability in FileCatalyst – CVE-2024-5275

do son June 19, 2024

Fortra, the developer of the popular FileCatalyst file transfer solutions, has issued a critical security advisory warning...

Read More Read more about Fortra Warns: Hard-Coded Password Vulnerability in FileCatalyst – CVE-2024-5275

GreyNoise Warns of Active Exploitation Attempts Targeting SolarWinds Serv-U Vulnerability (CVE-2024-28995)

• Cyber Security
• Vulnerability

GreyNoise Warns of Active Exploitation Attempts Targeting SolarWinds Serv-U Vulnerability (CVE-2024-28995)

do son June 19, 2024

On June 5, 2024, SolarWinds issued a critical advisory regarding a newly discovered path-traversal vulnerability in Serv-U,...

Read More Read more about GreyNoise Warns of Active Exploitation Attempts Targeting SolarWinds Serv-U Vulnerability (CVE-2024-28995)

China-Linked UNC3886: Mandiant Reveals Extensive Espionage TTPs

• Cyber Security
• Malware
• Vulnerability

China-Linked UNC3886: Mandiant Reveals Extensive Espionage TTPs

do son June 19, 2024

Cybersecurity firm Mandiant has unveiled a comprehensive report detailing the extensive cyber espionage campaign of UNC3886, a...

Read More Read more about China-Linked UNC3886: Mandiant Reveals Extensive Espionage TTPs

CVE-2023-32191 (CVSS 10) in Rancher Kubernetes Engine Exposes Sensitive Credentials

• Vulnerability

CVE-2023-32191 (CVSS 10) in Rancher Kubernetes Engine Exposes Sensitive Credentials

do son June 18, 2024

A critical vulnerability has been discovered in the Rancher Kubernetes Engine (RKE), a widely used Kubernetes distribution...

Read More Read more about CVE-2023-32191 (CVSS 10) in Rancher Kubernetes Engine Exposes Sensitive Credentials

CVE-2024-5671 (CVSS 9.8) Exposes Trellix Intrusion Prevention System to Remote Attacks

• Vulnerability

CVE-2024-5671 (CVSS 9.8) Exposes Trellix Intrusion Prevention System to Remote Attacks

do son June 18, 2024

Trellix, a prominent cybersecurity provider, has issued urgent patches for two critical vulnerabilities discovered in its Intrusion...

Read More Read more about CVE-2024-5671 (CVSS 9.8) Exposes Trellix Intrusion Prevention System to Remote Attacks

CVE-2024-37079, CVE-2024-37080: Critical VMware vCenter Server Vulnerabilities Demand Immediate Action

• Vulnerability

CVE-2024-37079, CVE-2024-37080: Critical VMware vCenter Server Vulnerabilities Demand Immediate Action

do son June 18, 2024

In a security advisory released today, Broadcom revealed multiple critical vulnerabilities in VMware vCenter Server, the widely...

Read More Read more about CVE-2024-37079, CVE-2024-37080: Critical VMware vCenter Server Vulnerabilities Demand Immediate Action

CVE-2024-37902 (CVSS 10): Critical Flaw in Deep Java Library Opens Door to System Takeover

• Vulnerability

CVE-2024-37902 (CVSS 10): Critical Flaw in Deep Java Library Opens Door to System Takeover

do son June 17, 2024

A critical vulnerability (CVE-2024-37902) has been discovered in the Deep Java Library (DJL), a widely-used open-source framework...

Read More Read more about CVE-2024-37902 (CVSS 10): Critical Flaw in Deep Java Library Opens Door to System Takeover

CVE-2024-6047 (CVSS 9.8): Urgent Security Risk for GeoVision Users

• Vulnerability

CVE-2024-6047 (CVSS 9.8): Urgent Security Risk for GeoVision Users

do son June 17, 2024

Taiwan’s CERT has issued a critical security warning regarding a severe vulnerability (CVE-2024-6047) affecting various end-of-life (EOL)...

Read More Read more about CVE-2024-6047 (CVSS 9.8): Urgent Security Risk for GeoVision Users

XenForo Issues Urgent Security Patch to Thwart Remote Code Execution Threat

• Vulnerability

XenForo Issues Urgent Security Patch to Thwart Remote Code Execution Threat

do son June 17, 2024

Popular forum software platform, XenForo, has released an urgent security patch to address a critical vulnerability that...

Read More Read more about XenForo Issues Urgent Security Patch to Thwart Remote Code Execution Threat

Pandora FMS Reveals High-Risk Security Flaws Affecting 50,000+ Installations

• Vulnerability

Pandora FMS Reveals High-Risk Security Flaws Affecting 50,000+ Installations

do son June 17, 2024

Pandora FMS, the renowned open-source monitoring application with over 50,000 installations globally, has issued a critical security...

Read More Read more about Pandora FMS Reveals High-Risk Security Flaws Affecting 50,000+ Installations