Vulnerabilities

Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write AccessAzure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access

Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access

Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory's integration with Apache Airflow, which could potentially allow attackers to gain…

4 months ago
Over 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking ExploitOver 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking Exploit

Over 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking Exploit

The research identified vulnerabilities in Prometheus, including information disclosure from exposed servers, DoS risks from pprof endpoints, and potential code…

4 months ago
Reyee OS IoT Devices Compromised: Over-The-Air Attack Bypasses Wi-Fi LoginsReyee OS IoT Devices Compromised: Over-The-Air Attack Bypasses Wi-Fi Logins

Reyee OS IoT Devices Compromised: Over-The-Air Attack Bypasses Wi-Fi Logins

Researchers discovered multiple vulnerabilities in Ruijie Networks' cloud-connected devices. By exploiting these vulnerabilities, attackers can remotely compromise access points, gain…

4 months ago
Thousands Of Internet-Exposed Ivanti VPN Appliances Vulnerable To RCE AttacksThousands Of Internet-Exposed Ivanti VPN Appliances Vulnerable To RCE Attacks

Thousands Of Internet-Exposed Ivanti VPN Appliances Vulnerable To RCE Attacks

In a recent cybersecurity revelation, Ivanti, a leading provider of enterprise-grade secure access solutions, has been found to have significant…

12 months ago
Critical ChatGPT Plugins Flaw Let Attackers Gain Control Over Organization’s AccountCritical ChatGPT Plugins Flaw Let Attackers Gain Control Over Organization’s Account

Critical ChatGPT Plugins Flaw Let Attackers Gain Control Over Organization’s Account

Threat actors can exploit ChatGPT's ecosystem for several illicit purposes, such as crafting prompts to generate malicious code, phishing lures,…

1 year ago
Multiple Flaws in ArubaOS Switches Let Attackers Execute Remote CodeMultiple Flaws in ArubaOS Switches Let Attackers Execute Remote Code

Multiple Flaws in ArubaOS Switches Let Attackers Execute Remote Code

Multiple vulnerabilities have been identified in ArubaOS-Switch Switches, specifically pertaining to Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS),…

2 years ago
HPE Aruba Networking Product Vulnerabilities Allow File OverwriteHPE Aruba Networking Product Vulnerabilities Allow File Overwrite

HPE Aruba Networking Product Vulnerabilities Allow File Overwrite

The vulnerabilities, CVE-2023-38401 and CVE-2023-38402, affect the HPE Aruba Networking Virtual Intranet Access (VIA) client for the Microsoft Windows operating…

2 years ago
CISA Advisory of Top 42 Frequently Exploited Flaws of 2022CISA Advisory of Top 42 Frequently Exploited Flaws of 2022

CISA Advisory of Top 42 Frequently Exploited Flaws of 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published a report which was co-authored by the NSA, FBI, and the…

2 years ago
RouterSploit – Exploitation Framework for Embedded devicesRouterSploit – Exploitation Framework for Embedded devices

RouterSploit – Exploitation Framework for Embedded devices

The RouterSploit Framework is an open-source exploitation framework devoted to embedded devices. It includes various modules that aid penetration testing…

2 years ago
Spotify Hack – Over 300k Accounts Hacked in Credential Stuffing AttackSpotify Hack – Over 300k Accounts Hacked in Credential Stuffing Attack

Spotify Hack – Over 300k Accounts Hacked in Credential Stuffing Attack

Spotify is a Swedish-based audio streaming and media services provider, with over 299 million active monthly users in 2020. Noam…

4 years ago