CVE/vulnerability
Confusion Attacks Vulnerability In Apache HTTP Server Allow Attackers To Gain Root Access Remotely
The Apache HTTP Server relies on hundreds of independently developed modules to handle client requests, sharing a complex data structure for communication. While modularity promotes...
Cyber Attack
DarkGate Malware Exploiting Excel Files And SMB File Shares
DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing various distribution methods, including email attachments, malicious ads, and compromised...
CVE/vulnerability
Gogs Vulnerabilities Let Attackers Hack Instances & Steal Source Code
Gogs is a standard open-source code hosting system used by many developers.Several Gogs vulnerabilities have been discovered recently by the cybersecurity researchers at SonarSource. Gogs...
Cross site Scripting
Hackers Use Windows XSS Flaw To Execute Arbitrary Command In MMC Console
Attackers are leveraging a new infection technique called GrimResource that exploits MSC files.By crafting malicious MSC files, they can achieve full code execution...
CVE/vulnerability
New Webkit Vulnerabilities Let Attackers Exploit PS4 And PS5 Playstations
Webkit vulnerabilities in PS4 and PS5 refer to bugs found in the Webkit engine used by their web browsers.These bugs, discovered in browsers...
CVE/vulnerability
Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data
A vulnerability in Microsoft Power BI allows unauthorized users to access sensitive data underlying reports, which affects tens of thousands of organizations and grants...
Cross site Scripting
Mailcow Mail Server Vulnerability Let Attackers Execute Remote Code
Two critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) affecting Mailcow versions before 2024-04 allow attackers to execute arbitrary code on the server.An attacker can exploit...
Artificial Intelligence
Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users
Hackers are targeting, attacking, and exploiting ML models. They want to hack into these systems to steal sensitive data, interrupt services, or manipulate outcomes...