Vulnerability

Researcher Details Cisco Smart Licensing that Lets Attacker Control Device

Cisco disclosed a critical vulnerability identified as CVE-2024-20439, affecting its Smart Licensing Utility. An independent researcher discovered this vulnerability through…

6 months ago

FreeBSD RCE Vulnerability Let Attackers Execute Malicious Code

FreeBSD has disclosed a critical remote code execution (RCE) vulnerability affecting its bhyve hypervisor. This vulnerability, CVE-2024-41721, could allow attackers…

6 months ago

CISA Releases Six Advisories for Industrial Control Systems

The Cybersecurity and Infrastructure Security Agency (CISA) has issued six advisories concerning vulnerabilities: Rockwell Automation's RSLogix 5 and RSLogix 500…

7 months ago

GitLab Urges Organization to Patch for Authentication Bypass Vulnerability

GitLab has issued an urgent call to action for organizations using its platform to patch a critical authentication bypass vulnerability.…

7 months ago

Ransomware Groups Abusing Azure Storage Explorer For Stealing Data

Ransomware attackers are increasingly exfiltrating data using tools like MEGAsync and Rclone. Shellbags analysis by modePUSH reveals their navigation of…

7 months ago

LibreOffice Repair Mode Vulnerability Let Attackers Mark the Document as Not Valid

LibreOffice users are urged to update their software after disclosing a critical vulnerability, CVE-2024-7788, which affects the document repair mode.…

7 months ago

Microsoft Windows Kernel Vulnerability Exploited in the Wild

Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in the wild. This vulnerability, first released…

7 months ago

Chrome 129 Released with Fix for Multiple Security Vulnerabilities

The Chrome team has officially announced the release of Chrome 129, which is now available on the stable channel for…

7 months ago

VMware vCenter Server Vulnerability Let Attackers Escalate Privileges

VMware has issued a critical security advisory (VMSA-2024-0019) addressing two significant vulnerabilities in its vCenter Server and VMware Cloud Foundation…

7 months ago

CISA Warns of Windows MSHTML & Progress WhatsUp Gold Flaw Exploited Widely

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities affecting Microsoft Windows MSHTML…

7 months ago