vulnerabilities
-
Weaponized LDAP Exploit Deploys Information-Stealing Malware
Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed “LDAPNightmare”). …
Read More » -
Chrome Security Update – Patch for Multiple Security Vulnerabilities
Google has released an update for its Chrome web browser, advancing to version 131.0.6778.264/.265 for Windows and Mac, and 131.0.6778.264…
Read More » -
Patch for Critical RCE Vulnerabilities
The January 2025 Android Security Bulletin has issued important updates regarding critical vulnerabilities that affect Android devices. Users are urged…
Read More » -
WordPress Plugin Vulnerability Exposes 3 Million Websites to Injection Attacks
A critical vulnerability has been identified in the popular UpdraftPlus: WP Backup & Migration Plugin, potentially impacting over 3 million…
Read More » -
PoC Exploit Released for Critical OpenSSH Vulnerability (CVE-2024-6387)
An alarming new development emerged in the cybersecurity landscape with the release of a proof-of-concept (PoC) exploit targeting the critical…
Read More » -
ASUS Critical Vulnerabilities Let Attackers Execute Arbitrary Commands
72 Hours to Audit-Ready API Security APIs present a unique challenge in this landscape, as risk assessment and mitigation are…
Read More » -
DrayTek Devices Vulnerability Let Attackers Arbitrary Commands Remotely
The DrayTek Gateway devices, more specifically the Vigor2960 and Vigor300B models, are susceptible to a critical command injection vulnerability. Exploitable…
Read More » -
TrueNAS CORE Vulnerability Let Attackers Execute Remote Code
Security researchers Daan Keuper, Thijs Alkemade, and Khaled Nassar from Computest Sector 7 disclosed a critical vulnerability in TrueNAS CORE,…
Read More » -
US Treasury Department Breach, Hackers Accessed Workstations
The Biden administration confirmed that a Chinese state-sponsored hacking group breached the U.S. Treasury Department, gaining unauthorized access to employee…
Read More »