Daily CyberSecurity • Page 422 of 740 • Zero-hour alerts. Unmatched analysis.

Splunk Patches Critical Vulnerabilities, Including Remote Code Execution Flaws Splunk Enterprise - CVE-2024-45731 and CVE-2024-45733

Splunk Patches Critical Vulnerabilities, Including Remote Code Execution Flaws

Do Son October 14, 2024

Splunk, a leading platform for data analytics and security monitoring, has released a slew of security updates...

New Linux Variant of DPRK-Attributed FASTCash Malware Discovered

Do Son October 14, 2024

Security researcher HaxRob has uncovered a new Linux variant of the notorious FASTCash malware, attributed to North...

CVE-2024-9137 (CVSS 9.4) in Moxa’s Cellular Routers and Security Appliances: Immediate Patching Required Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

CVE-2024-9137 (CVSS 9.4) in Moxa’s Cellular Routers and Security Appliances: Immediate Patching Required

Do Son October 14, 2024

In a recently disclosed security advisory, Moxa has revealed two critical vulnerabilities affecting its cellular routers, secure...

“Water Makara” Employs Astaroth Malware in Targeted Attacks on Brazilian Organizations Water Makara - Astaroth Malware

“Water Makara” Employs Astaroth Malware in Targeted Attacks on Brazilian Organizations

Do Son October 14, 2024

In a new report by Trend Micro Research, a spear-phishing campaign has emerged in Brazil, using a...

CVE-2024-9921 (CVSS 9.8): Critical Flaw Found in Popular Business Collaboration Tool Team+ CVE-2024-9921 - Team+

CVE-2024-9921 (CVSS 9.8): Critical Flaw Found in Popular Business Collaboration Tool Team+

Do Son October 14, 2024

In a recent vulnerability note issued by TWCERT/CC (Taiwan Computer Emergency Response Team / Coordination Center), three...

Gmail Scam Alert: Hackers Spoof Google to Steal Credentials

Do Son October 14, 2024

Boasting over 2.5 billion users worldwide, Gmail reigns as the most prevalent email service globally. Consequently, it...

Google Enables Linux Terminal on Android, Running Debian in a Virtual Machine Google Android Data Settlement Linux terminal Android

Google Enables Linux Terminal on Android, Running Debian in a Virtual Machine

Do Son October 14, 2024

Google recently added a feature called “ferrochrome-dev-option” to the Android Open Source Project (AOSP), incorporating a “Linux...

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581) CVE-2023-25581 - pac4j

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

Do Son October 13, 2024

A new analysis by security researcher Michael Stepankin (@artsploit) of the GitHub Security Lab (GHSL) has uncovered...

$50,000 Bounty: Researcher Reveals Critical Zendesk Email Spoofing Flaw (CVE-2024-49193)

Do Son October 13, 2024

In a detailed analysis by security researcher Daniel, a serious vulnerability in Zendesk’s email management system, tracked...

Bitcoin Core Vulnerability (CVE-2024-35202) Enables Remote Node Crashes Bitcoin Core Node Crash CVE-2024-52911 CVE-2024-35202 - Bitcoin Core

Bitcoin Core Vulnerability (CVE-2024-35202) Enables Remote Node Crashes

Do Son October 13, 2024

A high-severity vulnerability, tracked as CVE-2024-35202 and assigned a CVSS v3.0 base score of 7.5, has been...

GitHub Enterprise Server Patches Critical Security Flaw – CVE-2024-9487 (CVSS 9.5) CVE-2024-9487 - CVE-2025-23369 PoC

GitHub Enterprise Server Patches Critical Security Flaw – CVE-2024-9487 (CVSS 9.5)

Do Son October 13, 2024

GitHub has released security updates to address two vulnerabilities in GitHub Enterprise Server, one of which could...

Banking Trojan TrickMo Compromised 13,000 Devices, Now Steals Device Unlock Patterns and PINs TrickMo Banking Trojan

Banking Trojan TrickMo Compromised 13,000 Devices, Now Steals Device Unlock Patterns and PINs

Do Son October 13, 2024

Aazim Yaswant, a Malware Analyst at Zimperium, has published a comprehensive analysis of the latest TrickMo samples,...

Thousands of Fortinet Devices Remain Exposed to RCE CVE-2024-23113 Vulnerability

Do Son October 13, 2024

A recent report from the Shadowserver Foundation has revealed a concerning number of Fortinet devices remain vulnerable...

Apache Roller Patches CSRF Flaw CVE-2024-46911 in Latest Update Apache Roller - CVE-2024-46911

Apache Roller Patches CSRF Flaw CVE-2024-46911 in Latest Update

Do Son October 13, 2024

The Apache Software Foundation has released a security update for Apache Roller, a popular Java-based blogging platform....

Microsoft Issues Guidance to Combat Rising Kerberoasting Attacks

Do Son October 13, 2024

Microsoft has released new guidance to help organizations defend against Kerberoasting attacks, a growing threat to Active...

Plane Project Management Tool Patches Critical SSRF Flaw – CVE-2024-47830 (CVSS 9.3) project management tool - CVE-2024-47830

Plane Project Management Tool Patches Critical SSRF Flaw – CVE-2024-47830 (CVSS 9.3)

Do Son October 13, 2024

A critical security vulnerability has been discovered and patched in Plane, a popular open-source project management tool....

DarkVision RAT: The $60 Malware Threatening Your Data

Do Son October 13, 2024

A detailed technical analysis of DarkVision RAT by security researcher Muhammed Irfan V A at ThreatLabz has...

Suspected Nation-State Adversary Exploits Ivanti CSA in a Series of Sophisticated Attacks hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

Suspected Nation-State Adversary Exploits Ivanti CSA in a Series of Sophisticated Attacks

Do Son October 12, 2024

Fortinet’s FortiGuard Labs recently released a detailed analysis of a sophisticated cyberattack targeting the Ivanti Cloud Services...

CVE-2024-9180: HashiCorp Vault Vulnerability Could Lead to Privilege Escalation Vault LDAP Bypass, Terraform Insecure Default Vault Community Edition - CVE-2024-9180

Vault LDAP Bypass, Terraform Insecure Default Vault Community Edition - CVE-2024-9180

CVE-2024-9180: HashiCorp Vault Vulnerability Could Lead to Privilege Escalation

Do Son October 12, 2024

HashiCorp has issued a security bulletin disclosing a vulnerability in its Vault secret management platform that could...

Microsoft Deprecates Aging VPN Protocols PPTP and L2TP in Future Windows Server Versions Windows Server 2025 Accidental Upgrade Windows Server 2008 final support 2026, Premium Assurance expiration Windows Server, update bug Windows Server PPTP Vulnerability KB5051987 Hotpatching

Microsoft Deprecates Aging VPN Protocols PPTP and L2TP in Future Windows Server Versions

Do Son October 11, 2024

Microsoft is taking a significant step towards enhancing VPN security by deprecating the aging Point-to-Point Tunneling Protocol...