cyber security
Google to offer $250,000 for Full VM Escape Zero-day Vulnerability
Google has unveiled kvmCTF, a new vulnerability reward program (VRP) explicitly targeting the Kernel-based Virtual Machine (KVM) hypervisor. This initiative, first announced in October 2023,...
cyber security
Water Sigbin Exploiting Oracle WebLogic Server Flaw
Water Sigbin (8220 Gang) exploits vulnerabilities (CVE-2017-3506, CVE-2023-21839) in Oracle WebLogic servers to deliver cryptocurrency miners using PowerShell scripts. They use a multi-stage loading technique...
cyber security
regreSSHion – OpenSSH RCE Vulnerability Impacts 700K Linux Systems
The Qualys Threat Research Unit has identified a newly discovered vulnerability in OpenSSH, dubbed "regreSSHion" (CVE-2024-6387). This critical flaw, which allows unauthenticated remote code...
Cyber Security News
Juniper Releases Out-Of-Cycle Critical Update for Smart Routers
Juniper Networks has released an out-of-cycle critical update to address a severe vulnerability affecting its Session Smart Router, Session Smart Conductor, and WAN Assurance...
CVE/vulnerability
PoC Exploit Released for Fortra FileCatalyst SQL Injection Vulnerability
A Proof-of-Concept (PoC) exploit has been released for a critical SQL Injection vulnerability in Fortra FileCatalyst Workflow. This vulnerability could potentially allow attackers to...
CVE/vulnerability
Multiple TP-Link Omada Vulnerabilities Let Attackers Execute Remote Code
Multiple vulnerabilities have been identified in the TP-Link Omada system, a software-defined networking solution widely used by small to medium-sized businesses. These vulnerabilities, if...
CVE/vulnerability
Critical Vulnerability in MOVEit Transfer Lets Hackers Gain File Access
A critical security vulnerability, CVE-2024-5806, has been identified in MOVEit Transfer, a widely used managed file transfer software. The vulnerability poses significant risks to organizations relying on the software for secure...
Cyber Attack
Stuxnet, The Malware That Propagates To Air-Gapped Networks
Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA) systems used in industrial facilities. By exploiting multiple vulnerabilities, including...