Thursday, November 30, 2023

North Korean Hackers Exploiting Zero-day Vulnerabilities & Supply Chains

The DPRK has been a great threat to organizations in recent times. Their attack methods have been discovered with several novel techniques involving different...

Dell Command Configure Vulnerability Let Attackers Compromise Vulnerable Systems

It has been discovered that there is a high-severity vulnerability in Dell Command Configure that could potentially be exploited by malicious users to compromise...

Critical AI Tool Vulnerabilities Let Attackers Execute Arbitrary Code

Multiple critical flaws in the infrastructure supporting AI models have been uncovered by researchers, which raise the risk of server takeover, theft of sensitive information, model poisoning, and...

FortiSIEM Injection Flaw: Let Attackers Execute Malicious Commands

Fortinet notifies users of a critical OS command injection vulnerability in the FortiSIEM report server that might enable an unauthenticated, remote attacker to execute...
Security Flaw Zoom Client

Beware! Hackers Can Now Exploit a Security Flaw in Zoom Client

The popular video messaging platform Zoom has discovered multiple vulnerabilities affecting Zoom Clients. These vulnerabilities might allow an unauthorized user to carry out denial-of-service, privilege...

ManageEngine Information Disclosure Flaw Exposes Encryption Keys

ManageEngine, one of the most widely used IT infrastructure management platforms that offers more than 60 Enterprise IT management tools, has been discovered with...
Reptar CPU Vulnerability

Reptar – A New CPU Vulnerability Affects Intel and AMD CPUs

A critical CPU vulnerability can pose a significant threat by allowing:-Unauthorized access to sensitive dataEnabling malicious code executionCompromise the overall security of a system. System...

SysAid IT Service Software 0-day Exploited to Deploy Cl0p Ransomware

SysAid On-Prem software has been reported with a 0-day vulnerability determined during an incident response investigation.According to Microsoft, attackers are exploiting this zero-day vulnerability...

Hackers Actively Exploiting Big-IP and Citrix Vulnerabilities

Experts issued security alerts concerning the ongoing exploitation of Big-IP (CVE-2023-46747, CVE-2023-46748) and Citrix (CVE-2023-4966) vulnerabilities.The publicly available Proof of Concepts (POCs) for these...

Buffer Overflow Flaws in Trusted Platform Modules Allow Malicious Commands

Trusted Computing Group’s Trust Platform Module 2.0 reference library specification has been discovered with two buffer overflow vulnerabilities that threat actors can exploit to...

Managed WAF protection


Recent Articles