• Cybersecurity News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two actively exploited vulnerabilities affecting Cisco networking devices and the popular Roundcube ... Read more

• Cybersecurity News

A newly disclosed vulnerability in One Identity Safeguard for Privileged Sessions (SPS) could allow attackers to bypass authentication and gain unauthorized access to privileged sessions. The vulnerab ... Read more

• Cybersecurity News

Cisco Talos researchers uncovered a new and highly adaptive malware family, WarmCookie, also referred to as BadSpace. This malware has been actively used since April 2024, targeting organizations acro ... Read more

• Cybersecurity News

Cisco has recently published a security advisory regarding a critical vulnerability in its Firepower Threat Defense (FTD) software. This vulnerability, identified as CVE-2024-20412, presents a signifi ... Read more

• Cybersecurity News

Source: CTFWar.A new report by the Atlantic Council sheds light on China’s sophisticated and highly structured Capture the Flag (CTF) competition framework, which is helping the country become a globa ... Read more

• The Hacker News

Cybersecurity / Weekly Recap Hi there! Here's your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in l ... Read more

• The Cyber Express

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing the pressing need for organizatio ... Read more

• Cybersecurity News

The Matrix.org Security Team has recently disclosed two high-severity vulnerabilities impacting the matrix-js-sdk and matrix-react-sdk. These vulnerabilities, related to MSC3061 (a specification for s ... Read more

• The Register

A critical, hardcoded login credential in SolarWinds' Web Help Desk line has been exploited in the wild by criminals, according to the US Cybersecurity and Infrastructure Security Agency, which has ad ... Read more

• BleepingComputer

CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late ... Read more

• security.nl

Aanvallers maken actief gebruik van een hardcoded credential in de software van SolarWinds, zo meldt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie van Home ... Read more

• The Hacker News

Vulnerability / Data Protection The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Know ... Read more

• TheCyberThrone

The US CISA has added below vulnerabilities to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation.CVE-2024-30088 Microsoft Windows Kernel contains a time-of-check ... Read more

• The Cyber Express

Cyble researchers had a busy week, investigating 19 vulnerabilities in the week ended Oct.1 and flagging eight of them as high priority. Cyble’s weekly IT vulnerability report also noted that research ... Read more

• Cybersecurity News

Security researcher Zach Hanley from Horizon3.ai published the technical details and a proof-of-concept (PoC) exploit code for a critical hardcoded credential vulnerability, CVE-2024-28987, in the pop ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without reboots Organizations that plan to upgrade to Win ... Read more

• Help Net Security

Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to remote ... Read more

• Cybersecurity News

Please enable JavaScriptIn a notable development in the PC gaming landscape, Windows 11 has officially overtaken its predecessor, Windows 10, as the most widely adopted operating system among Steam us ... Read more

• Cybersecurity News

The CYFIRMA Research and Advisory Team has identified a new and sophisticated cyber threat, dubbed the Mekotio Trojan. This malware leverages PowerShell, a powerful scripting language built into Windo ... Read more

• Cybersecurity News

Image: FortinetSecurity researcher Jacob Masse has exposed a critical vulnerability within the Mirai botnet, the infamous malware that has plagued the Internet of Things (IoT) and server landscapes si ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are ... Read more

• TheCyberThrone

Security researchers discovered that the China-linked APT group Velvet Ant has exploited the recently disclosed zero-day CVE-2024-20399 in Cisco switches to take over the network devices.Last month, C ... Read more

• TheCyberThrone

SolarWinds has released an update to a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated attackers to gain unauthorized access to vulnerable instances.The v ... Read more

• TheCyberThrone

SonicWall has released patch for a critical vulnerability  affecting their SonicOS and could allow unauthorized access to SonicWall firewalls, potentially leading to a complete system compromise.The v ... Read more

• Dark Reading

Source: SOPA Images LimitedFor the second week in a row, SolarWinds has released a patch for a critical vulnerability in its IT help and ticketing software, Web Help Desk (WHD).According to its latest ... Read more

• Help Net Security

A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the compa ... Read more

• The Register

SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sen ... Read more

• The Hacker News

Vulnerability / Network Security SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized acc ... Read more

• security.nl

De helpdesksoftware van SolarWinds is kwetsbaar door de aanwezigheid van een hardcoded credential, waardoor een ongeauthenticeerde aanvaller toegang tot het systeem kan krijgen en data kan aanpassen. ... Read more

• BleepingComputer

SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems using hardcoded credentials. Web Help Desk (WHD) is an IT help desk soft ... Read more

• Cybersecurity News

A critical security vulnerability in the widely used LiteSpeed Cache plugin for WordPress has come under active exploitation, with over 30,000 attack attempts blocked in just the past 24 hours, accord ... Read more

• Cybersecurity News

SolarWinds has issued an urgent security advisory for its Web Help Desk (WHD) software, warning of a critical hardcoded credential vulnerability (CVE-2024-28987) that poses a significant risk to organ ... Read more