Zyxel Command Injection Flaws Let Attackers Run OS Commands
Three Command injection vulnerabilities have been discovered in Zyxel NAS (Network Attached Storage) products, which could allow a threat actor to execute system commands...
NukeSped Malware Exploiting Apache ActiveMQ Vulnerability
The Andariel threat group has been discovered installing malware via the exploitation of the Apache ActiveMQ remote code execution vulnerability classified as CVE-2023-46604.The group is known...
Cisco Patched Products Vulnerable to HTTP/2 Rapid Reset Attack
A new high-severity vulnerability has been discovered in multiple Cisco products, which could potentially allow HTTP/2 Rapid Reset Attack.This vulnerability enables a novel...
117 Vulnerabilities Discovered in Microsoft 365 Apps
Microsoft 365 Apps is a suite of productivity tools that includes the following apps and services offered by Microsoft through a subscription service:-Microsoft TeamsOneDriveSharePointPowerPointOutlookWordExcelMicrosoft...
FortiSIEM Injection Flaw: Let Attackers Execute Malicious Commands
Fortinet notifies users of a critical OS command injection vulnerability in the FortiSIEM report server that might enable an unauthenticated, remote attacker to execute...
ManageEngine Information Disclosure Flaw Exposes Encryption Keys
ManageEngine, one of the most widely used IT infrastructure management platforms that offers more than 60 Enterprise IT management tools, has been discovered with...
Reptar – A New CPU Vulnerability Affects Intel and AMD CPUs
A critical CPU vulnerability can pose a significant threat by allowing:-Unauthorized access to sensitive dataEnabling malicious code executionCompromise the overall security of a system. System...
SysAid IT Service Software 0-day Exploited to Deploy Cl0p Ransomware
SysAid On-Prem software has been reported with a 0-day vulnerability determined during an incident response investigation.According to Microsoft, attackers are exploiting this zero-day vulnerability...
Buffer Overflow Flaws in Trusted Platform Modules Allow Malicious Commands
Trusted Computing Group’s Trust Platform Module 2.0 reference library specification has been discovered with two buffer overflow vulnerabilities that threat actors can exploit to...
Veeam Critical Flaws Let Attackers Execute Remote Code and Steal NTLM Hashes
Veeam, a Global Leader in Data Protection, issued hotfixes to address four vulnerabilities affecting the Veeam ONE IT infrastructure monitoring and analytics platform.Two vulnerabilities are classified as...