CVE/vulnerability
WordPress Plugin Vulnerability Exposes 3 Million Websites to Injection Attacks
A critical vulnerability has been identified in the popular UpdraftPlus: WP Backup & Migration Plugin, potentially impacting over 3 million WordPress websites.This security flaw...
Cyber Attack
Malicious npm Packages Stealing Developers’ Sensitive Data
Attackers published 20 malicious npm packages impersonating legitimate Nomic Foundation and Hardhat plugins, where these packages, downloaded over 1,000 times, compromised development environments and...
Cyber Security News
Garak – An Open Source LLM Vulnerability Scanner for AI Red-Teaming
Garak is a free, open-source tool specifically designed to test the robustness and reliability of Large Language Models (LLMs).Inspired by utilities like Nmap...
CVE/vulnerability
Windows Registry Privilege Escalation Vulnerability – PoC Released
Researchers have released a proof of concept (PoC) exploit for a critical privilege escalation vulnerability affecting Microsoft Windows.This vulnerability, CVE-2024-43452, allows attackers to gain...
CVE/vulnerability
ASUS Critical Vulnerabilities Let Attackers Execute Arbitrary Commands
In a recent security advisory, ASUS has alerted users to critical vulnerabilities affecting several of its router models. These flaws, tracked as CVE-2024-12912 and CVE-2024-13062, pose severe risks...
CVE/vulnerability
iTerm2 Emulator Vulnerability Let Attackers Access Sensitive User Data
 A critical vulnerability discovered in the popular macOS terminal emulator iTerm2 has raised concerns among cybersecurity experts and software users.The flaw, which could...
CVE/vulnerability
Trend Micro Apex One Vulnerabilities Let Escalate Privilege
Trend Micro has addressed six high-severity vulnerabilities in its Apex One and Apex One as a Service product, which could allow attackers to escalate privileges on affected Windows...
CVE/vulnerability
CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a critical vulnerability in Palo Alto Networks PAN-OS.Tracked as CVE-2024-3393, this...