• The Cyber Express

The Cybersecurity and Infrastructure Security Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) Catalog by adding five vulnerabilities that have been actively exploited in the w ... Read more

• The Cyber Express

The Toronto Zoo has disclosed a cyberattack that targeted the Zoo in early January 2024. The zoo has since conducted an extensive analysis to understand the full scope of the breach and notify those a ... Read more

• The Cyber Express

CVE-2025-27364, a critical Remote Code Execution (RCE) flaw has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw could allow atta ... Read more

• security.nl

Aanvallers maken actief misbruik van een kwetsbaarheid in Oracle Agile Product Lifecycle Management (PLM), zo meldt het Amerikaanse cyberagentschap CISA. Oracle Agile PLM is een platform dat bedrijven ... Read more

• The Hacker News

Network Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management ... Read more

• Cyber Security News

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding CVE-2024-20953, a high-severity deserialization vulnerability in Oracle’s Agile Product Lifecycle Ma ... Read more

• Cybersecurity News

Cybersecurity and Infrastructure Security Agency (CISA) has added two critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. ... Read more

• The Cyber Express

The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog by adding several new vulnerabilities that have been actively exploit ... Read more

• The Register

Oracle has delivered its regular quarterly collection of patches: 603 in total, 318 for its own products, and another 285 for Linux code it ships. Big Red’s VP of security assurance Eric Maurice singl ... Read more

• The Hacker News

Vulnerability / Enterprise Security Oracle is urging customers to apply its January 2025 Critical Patch Update (CPU) to address 318 new security vulnerabilities spanning its products and services. The ... Read more

• The Cyber Express

The BayMark Health Services, Inc. has reported a data breach to the California Attorney General, revealing that an unauthorized party had accessed sensitive files within the company’s computer network ... Read more

• The Cyber Express

The rise of cyberattacks has changed the dynamics of global industries, with cybercriminals increasingly targeting sectors that hold vast amounts of sensitive data, financial resources, or critical in ... Read more

• TheCyberThrone

This is the continuation of Zeroday vulnerabilities in 2024. Let’s delve deeply into the continuation of  zero-day vulnerabilities of 2024, providing a comprehensive analysis.1. CVE-2023-46805: Authen ... Read more

• Cybersecurity News

Foxit has released a crucial security update for its widely used Foxit PDF Reader and Foxit PDF Editor. The update, version 2024.4, resolves multiple vulnerabilities that pose significant risks, inclu ... Read more

• The Cyber Express

The Cybersecurity and Infrastructure Security Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding three critical vulnerabilities that are being actively exploited ... Read more

• The Cyber Express

A recent Cyble ICS vulnerabilities report sheds light on several critical vulnerabilities in industrial control systems (ICS) from major vendors including Schneider Electric, mySCADA, and Automated Lo ... Read more

• The Cyber Express

Zyxel Firewalls have become a key target in recent cyberattacks, with attackers exploiting a critical vulnerability to deploy the dangerous Helldown ransomware. The German CERT (CERT-Bund) has issued ... Read more

• Cybersecurity News

Researchers have identified and addressed three critical vulnerabilities in Contiki-NG, a popular open-source operating system for Internet of Things (IoT) devices. These vulnerabilities could allow a ... Read more

• The Cyber Express

The Australian government has passed the new Cyber Security Act, which was recently approved by Parliament. One of the most critical provisions of this new law mandates that organizations must report ... Read more

• The Cyber Express

Oracle’s Agile Product Lifecycle Management (PLM) software has been flagged for a security vulnerability (CVE-2024-21287) by CERT-In (Computer Emergency Response Team – India). The vulnerability, cata ... Read more

• Cybersecurity News

Image: GergelySecurity researcher Gergely Kalman has detailed a high-severity vulnerability in Apple’s MallocStackLogging framework that could allow attackers to gain local privilege escalation (LPE) ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have compromised around 2,000 ... Read more

• Cybersecurity News

A critical-severity vulnerability has been discovered in FluentSMTP, a widely used WordPress plugin designed to optimize email deliverability. Tracked as CVE-2024-9511 and assigned a CVSS v3.1 score o ... Read more

• TheCyberThrone

Researchers from Shadowserver have revealed that approximately 2,000 Palo Alto Networks firewalls have been compromised leavaraging recently discovered zeroday bugs. namely  CVE-2024-0012 and CVE-2024 ... Read more

• TheCyberThrone

NVIDIA has released a patch addressing a critical vulnerability in its Base Command Manager software, that could pose significant risks, including the potential for remote code execution, denial of se ... Read more

• Cybersecurity News

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting Apple and Oracle products. These flaws, added to CISA’ ... Read more

• TheCyberThrone

A high-severity vulnerability has been discovered in Kubernetes, potentially allowing attackers to execute arbitrary commands outside of container boundaries.The vulnerability tracked as CVE-2024-1022 ... Read more

• The Hacker News

Software Security / Vulnerability Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerabilit ... Read more

• Cybersecurity News

Oracle has issued an urgent security alert regarding a critical vulnerability in its Agile Product Lifecycle Management (PLM) software, tracked as CVE-2024-21287. This flaw allows attackers to remotel ... Read more

• BleepingComputer

Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. Ora ... Read more

• Help Net Security

Oracle has released a security patch for CVE-2024-21287, a remotely exploitable vulnerability in the Oracle Agile PLM Framework that is, according to Tenable researchers, being actively exploited by a ... Read more

• security.nl

Oracle heeft buiten de vaste patchcyclus om een noodupdate uitgebracht voor een actief aangevallen kwetsbaarheid in Agile Product Lifecycle Management (PLM). De aanvallen vonden al voor het uitkomen v ... Read more