CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update Brings 441 New Security Patches
Oracle has released its Critical Patch Update advisory for April 2024, which addresses vulnerabili...

Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in Open Source Security
Recent events have brought to light critical issues related to cybersecurity threats and social engineering ...

Ivanti Avalanche Received an Update for Over Two Dozen Vulnerabilities (CVE-2024-24996, CVE-2024-29204…)
Ivanti has recently issued security updates to address multiple vulnerabilities in Avalanche. T...

Major Cyber Attacks in Review: March 2024
March 2024 witnessed a wave of cyber attacks targeting prominent organizations globally. From telecommunications giants to government pension funds, several h...

Cyber Reflections of Iran’s Attack on Israel
[Update] April 22, 2024: “Israeli Hackers Strike Back: Cyber Av3ngers Hacked” [Update] April 17, 2024: “Ongoing Hacktivist Activities” On Saturday and earl...

Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757)
The PHP development team recently announced security up...

Critical OS Command Injection Vulnerability in Palo Alto’s GlobalProtect Gateway: CVE-2024-3400. The patch is not available yet.
[Update] April 17, 2024: “PoC Exploit Available for CVE-2024-3400: Rese...

Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, including 2 Zero-Day Vulnerabilities
Microsoft’s April 2024 Patch Tuesday was a substantial release addressing a total of 149 securit...

Ivanti Connect Secure and Policy Secure Gateways Vulnerable to DoS and Code Execution (CVE-2024-21894)
Ivanti recently released patches to fix multiple vulnerabilities found in their popular Connect S...

Google’s Response to Pixel Zero-Days: CVE-2024-29745, CVE-2024-29748; Chrome V8 Zero-Day, CVE-2024-3159
[Update] April 5, 2024: “CISA Urges Immediate Action on Pixel Zero-Day Vulnerabilities” Google ...

Critical OS Command Injection Flaw in Progress Flowmon: CVE-2024-2389
[Update] April 25, 2024: “PoC Exploit Code is Available for CVE-2024-2389 in Flowmon” Progress disclosed a highly critical vulnera...

What Do You Need to Know About the Linux XZ Utils Vulnerability, CVE-2024-3094?
A researcher has identified a critical vulnerability in Linux’s XZ Utils, a command line tool for XZ format compression....

Cisco Fixes Numerous DoS Vulnerabilities in IOS, IOS XE, and Access Point Software
Cisco recently addressed multiple Denial-of-Service (DoS) vulnerabilities across its product range, including Cisco I...

High-Severity Vulnerability in Popular WordPress Plugin ‘File Manager’ Could Lead to CSRF Attacks (CVE-2024-1538)
A high-severity security vulnerability, identified as CVE-2024-1538, has recently come...

OpenVPN Fixed Multiple Vulnerabilities on Windows Version: Risk of Privilege Escalation, Remote Access
OpenVPN, with the release of a new version, addressed severe security vulnerabilities, specifical...

Critical SQL Injection Vulnerability in PgJDBC Affects Atlassian Bamboo Data Center and Server (CVE-2024-1597)
Atlassian recently patched a critical vulnerability and 24 high-severity vulnerabilities,...

Critical RCEs: Ivanti Standalone Sentry (CVE-2023-41724), Neurons for ITSM (CVE-2023-46808), Telerik Report Server (CVE-2024-1800)
[Update] March 22, 2024: “CISA Warns for the Vulnerabilities in Ivant...

Critical RCE Vulnerability in Fortra FileCatalyst Workflow Threatens File Transfer Security (CVE-2024-25153)
Fortra FileCatalyst Workflow, a trusted enterprise file transfer solution, is under severe ...

Critical Update for Spring Framework: CVE-2024-22259 Exposes Applications to Open Redirect, SSRF Attacks
Spring Framework faces a critical security challenge with the emergence of CVE-2024-22259. This...

Windows SmartScreen Vulnerability Exploited in DarkGate Malware Attacks, Patch CVE-2024-21412 Now
[Update] July 25, 2024: “Information Stealer Campaign Exploits the Windows SmartScreen Vulnerabi...