ShadowRay Campaign Exploits Critical Ray Framework Vulnerabilities to Compromise AI Workloads Globally
Apr 26, 2024
Categories
Top Articles
APT28 Deploys ‘GooseEgg’ in Attacks Exploiting the Windows Print Spooler Vulnerability, CVE-2022-38028
Apr 24, 2024
OpenMetadata Vulnerabilities Allow Attackers to Cryptomine in Kubernetes Environments
Apr 18, 2024
CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update Brings 441 New Security Patches
Apr 17, 2024
Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in Open Source Security
Apr 17, 2024
Apr 26, 2024
ShadowRay Campaign Exploits Critical Ray Framework Vulnerabilities to ...
ShadowRay Campaign Exploits Critical Ray Framework Vulnerabilities to Compromise AI Workloads Globally Since September 5, 2023, a sophisticated cyber threat named the ‘ShadowRay’ campaign has targeted...
Learn More
Apr 24, 2024
APT28 Deploys ‘GooseEgg’ in Attacks Exploiting the Windows Print Spool...
APT28 Deploys ‘GooseEgg’ in Attacks Exploiting the Windows Print Spooler Vulnerability, CVE-2022-38028 Microsoft recently shed light on a campaign orchestrated by the Russian-based threat actor Forest...
Learn More
Apr 18, 2024
OpenMetadata Vulnerabilities Allow Attackers to Cryptomine in Kubernet...
OpenMetadata Vulnerabilities Allow Attackers to Cryptomine in Kubernetes Environments Recent findings from a Microsoft security blog reveal that attackers exploit newly discovered critical vulnerabili...
Learn More
Apr 17, 2024
CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update ...
CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update Brings 441 New Security Patches Oracle has released its Critical Patch Update advisory for April 2024, which addresses vulnerabili...
Learn More
Apr 17, 2024
Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in...
Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in Open Source Security Recent events have brought to light critical issues related to cybersecurity threats and social engineering ...
Learn More
Apr 17, 2024
Ivanti Avalanche Received an Update for Over Two Dozen Vulnerabilities...
Ivanti Avalanche Received an Update for Over Two Dozen Vulnerabilities (CVE-2024-24996, CVE-2024-29204…) Ivanti has recently issued security updates to address multiple vulnerabilities in Avalanche. T...
Learn More
Apr 16, 2024
Major Cyber Attacks in Review: March 2024
Major Cyber Attacks in Review: March 2024 March 2024 witnessed a wave of cyber attacks targeting prominent organizations globally. From telecommunications giants to government pension funds, several h...
Learn More
Apr 15, 2024
Cyber Reflections of Iran's Attack on Israel
Cyber Reflections of Iran’s Attack on Israel [Update] April 22, 2024: “Israeli Hackers Strike Back: Cyber Av3ngers Hacked” [Update] April 17, 2024: “Ongoing Hacktivist Activities” On Saturday and earl...
Learn More
Apr 15, 2024
Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Comm...
Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757) The PHP development team recently announced security up...
Learn More
Apr 12, 2024
Critical OS Command Injection Vulnerability in Palo Alto's GlobalProte...
Critical OS Command Injection Vulnerability in Palo Alto’s GlobalProtect Gateway: CVE-2024-3400. The patch is not available yet. [Update] April 17, 2024: “PoC Exploit Available for CVE-2024-3400: Rese...
Learn More
Apr 10, 2024
Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, Inc...
Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, including 2 Zero-Day Vulnerabilities Microsoft’s April 2024 Patch Tuesday was a substantial release addressing a total of 149 securit...
Learn More
Apr 04, 2024
Ivanti Connect Secure and Policy Secure Gateways Vulnerable to DoS and...
Ivanti Connect Secure and Policy Secure Gateways Vulnerable to DoS and Code Execution (CVE-2024-21894) Ivanti recently released patches to fix multiple vulnerabilities found in their popular Connect S...
Learn More
Apr 04, 2024
Google's Response to Pixel Zero-Days: CVE-2024-29745, CVE-2024-29748; ...
Google’s Response to Pixel Zero-Days: CVE-2024-29745, CVE-2024-29748; Chrome V8 Zero-Day, CVE-2024-3159 [Update] April 5, 2024: “CISA Urges Immediate Action on Pixel Zero-Day Vulnerabilities” Google ...
Learn More
Apr 03, 2024
Critical OS Command Injection Flaw in Progress Flowmon: CVE-2024-2389
Critical OS Command Injection Flaw in Progress Flowmon: CVE-2024-2389 [Update] April 25, 2024: “PoC Exploit Code is Available for CVE-2024-2389 in Flowman” Progress disclosed a highly critical vulnera...
Learn More
Apr 01, 2024
What Do You Need to Know About the Linux XZ Utils Vulnerability, CVE-2...
What Do You Need to Know About the Linux XZ Utils Vulnerability, CVE-2024-3094? A researcher has identified a critical vulnerability in Linux’s XZ Utils, a command line tool for XZ format compression....
Learn More
Mar 29, 2024
Cisco Fixes Numerous DoS Vulnerabilities in IOS, IOS XE, and Access Po...
Cisco Fixes Numerous DoS Vulnerabilities in IOS, IOS XE, and Access Point Software Cisco recently addressed multiple Denial-of-Service (DoS) vulnerabilities across its product range, including Cisco I...
Learn More
Mar 27, 2024
High-Severity Vulnerability in Popular WordPress Plugin ‘File Manager’...
High-Severity Vulnerability in Popular WordPress Plugin ‘File Manager’ Could Lead to CSRF Attacks (CVE-2024-1538) A high-severity security vulnerability, identified as CVE-2024-1538, has recently come...
Learn More
Mar 25, 2024
OpenVPN Fixed Multiple Vulnerabilities on Windows Version: Risk of Pri...
OpenVPN Fixed Multiple Vulnerabilities on Windows Version: Risk of Privilege Escalation, Remote Access OpenVPN, with the release of a new version, addressed severe security vulnerabilities, specifical...
Learn More
Mar 22, 2024
Critical SQL Injection Vulnerability in PgJDBC Affects Atlassian Bambo...
Critical SQL Injection Vulnerability in PgJDBC Affects Atlassian Bamboo Data Center and Server (CVE-2024-1597) Atlassian recently patched a critical vulnerability and 24 high-severity vulnerabilities,...
Learn More
Mar 21, 2024
Critical RCEs: Ivanti Standalone Sentry (CVE-2023-41724), Neurons for ...
Critical RCEs: Ivanti Standalone Sentry (CVE-2023-41724), Neurons for ITSM (CVE-2023-46808), Telerik Report Server (CVE-2024-1800) [Update] March 22, 2024: “CISA Warns for the Vulnerabilities in Ivant...
Learn More
