• Cybersecurity News

A severe security flaw has been identified in the popular WordPress plugin The Events Calendar, affecting all versions up to and including 6.6.4. Designated as CVE-2024-8275, the vulnerability has bee ... Read more

• Cybersecurity News

In a recently disclosed security bulletin, TeamViewer has highlighted two critical vulnerabilities impacting its Remote Client and Remote Host products for Windows. CVE-2024-7479 and CVE-2024-7481—bot ... Read more

• Cybersecurity News

pgAdmin, the leading open-source management tool for PostgreSQL databases, has released an urgent security update to address a critical vulnerability affecting versions 8.11 and earlier. This flaw, id ... Read more

• Cybersecurity News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding an actively exploited security vulnerability impacting Ivanti Virtual Traffic Manager (vTM), a ... Read more

• Cybersecurity News

A critical security vulnerability affecting all GNU/Linux systems—and potentially others—has been identified by renowned security researcher Simone Margaritelli. The vulnerability, which allows for un ... Read more

• Cybersecurity News

A recently disclosed vulnerability (CVE-2024-9043) in Cellopoint’s Secure Email Gateway (SEG) could expose enterprise email systems to critical security risks, making it an urgent matter for administr ... Read more

• Cybersecurity News

The Tor site of Lynx | Image: Rapid7In a recent report from Rapid7 Labs, the Lynx ransomware group has emerged as a new threat in the ever-evolving landscape of cybercrime. Identified in July 2024, Ly ... Read more

• Cybersecurity News

In a security advisory released recently, Cloud Software Group has disclosed two vulnerabilities affecting the widely used Citrix Workspace app for Windows. These vulnerabilities, identified as CVE-20 ... Read more

• Cybersecurity News

A critical security vulnerability, CVE-2024-45409, has been identified in the Ruby-SAML library, a widely used tool for implementing SAML (Security Assertion Markup Language) authorization on the clie ... Read more

• Cybersecurity News

Encryption scheme utilized by the latest ScRansom samples | Image: ESETIn a significant development tracked by ESET researchers, the threat actor known as CosmicBeetle has intensified its ransomware o ... Read more

• Cybersecurity News

Image: Elastic SecurityMicrosoft’s September 2024 security update addresses a zero-day vulnerability affecting Smart App Control and SmartScreen. This vulnerability, dubbed “LNK stomping” (CVE-2024-38 ... Read more

• Cybersecurity News

A new report from Trend Micro has revealed that Earth Preta, the notorious cyber espionage group, has significantly evolved its tactics and malware arsenal, posing a heightened threat to government en ... Read more

• Cybersecurity News

The popular open-source content management system (CMS), SPIP, is facing a critical security vulnerability that could allow unauthenticated attackers to execute malicious code on affected servers. The ... Read more

• Cybersecurity News

In the latest security advisory, HAProxy revealed that CVE-2024-45506, a vulnerability in its popular load balancing and proxy software, is now actively exploited. The vulnerability, which has a CVSS ... Read more

• Cybersecurity News

A massive, coordinated DDoS attack disrupted Steam services globally and the Perfect World Esports platform in China on the weekend of August 24-26, coinciding with the launch of the highly anticipate ... Read more

• The Register

Windows users who haven't yet installed the latest fixes to their operating systems will need to get a move on, as code now exists to exploit a critical Microsoft vulnerability announced by Redmond tw ... Read more

• Cybersecurity News

Fortra, a prominent provider of enterprise file transfer solutions, has released an urgent security advisory highlighting two critical vulnerabilities within its FileCatalyst Workflow product. Designa ... Read more

• Cybersecurity News

Security researcher Zeyad Azima from SecureLayer7 published the proof-of-concept exploit for arbitrary file write vulnerability (CVE-2024-22263) in Spring Cloud Data Flow, a widely-used tool for cloud ... Read more

• Cybersecurity News

The largest credit union in Texas, Texas Dow Employees Credit Union (TDECU), has reported a significant data breach affecting more than 500,000 individuals. The incident may have compromised Social Se ... Read more

• Dark Reading

Source: Ascannio via Alamy Stock PhotoA security researcher named "Ynwarcs" has published analysis of a proof-of-concept exploit code for a critical zero-click vulnerability in Windows TCP/IP.The vuln ... Read more

• Cybersecurity News

Image: Horizon3Please enable JavaScriptTwo critical vulnerabilities have been discovered in the popular GPS tracking system Traccar, which is used for both personal and corporate applications. The vul ... Read more

• malwaretech.com

Since the latest Windows patch dropped on the 13th of August I’ve been deep in the weeds of tcpip.sys (the kernel driver responsible for handling TCP/IP packets). A vulnerability with a 9.8 CVSS score ... Read more

• Cybersecurity News

In a significant development for cybersecurity professionals, security researcher Ynwarcs has published an in-depth analysis and proof-of-concept (PoC) exploit code for a critical zero-click CVE-2024- ... Read more

• Cybersecurity News

In a significant update to its security advisory, Google has confirmed that CVE-2024-7965, a high-severity zero-day vulnerability in the Chrome browser, has been actively exploited in the wild. This r ... Read more

• Cybersecurity News

Hillstone Networks, a global leader in network security solutions, has released a security advisory addressing a critical vulnerability (CVE-2024-8073) in its Web Application Firewall (WAF) product. T ... Read more

• Cybersecurity News

Security researcher ‘Frost’ has released proof-of-concept exploit code for the CVE-2024-38054 vulnerability, escalating concerns over a recently patched Windows security flaw. This high-severity vulne ... Read more

• Cybersecurity News

F5, a prominent provider of application delivery and security solutions, has recently released security advisories addressing vulnerabilities in two of its products: NGINX Plus and BIG-IP Next Central ... Read more

• Cybersecurity News

Security researchers at Sucuri have discovered a new credit card skimmer exploiting a vulnerability in PrestaShop websites. This sophisticated attack uses a WebSocket connection to pilfer sensitive cu ... Read more

• Cybersecurity News

Image Credit: M4v3r1ckIn an ever-evolving cybersecurity landscape, where threats are becoming more sophisticated by the day, the focus on Endpoint Detection and Response (EDR) systems has never been m ... Read more

• Cybersecurity News

Security researchers have discovered a series of fake proof-of-concept (PoC) exploit codes for the critical CVE-2024-38063 vulnerability affecting Windows systems. These fraudulent exploits, which hav ... Read more

• Cyber Security News

The “Weekly Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & More” provides a comprehensive overview of the latest developments in the cybersecurity landscape. Each edition hi ... Read more

• Cybersecurity News

Credential harvester prompt spawned by `AntiSpam.exe | Image: Rapid7 Recently, cybersecurity firm Rapid7 identified a series of sophisticated intrusion attempts linked to an ongoing social engineering ... Read more

• schneier.com

The press is reporting a critical Windows vulnerability affecting IPv6. As Microsoft explained in its Tuesday advisory, unauthenticated attackers can exploit the flaw remotely in low-complexity attack ... Read more

• Cybersecurity News

SquareX, along with its founder Vivek Ramachandran, a renowned cybersecurity expert, recently uncovered a vulnerability in Secure Web Gateway (SWG) systems, which are employed to safeguard corporate n ... Read more

• Cybersecurity News

In a recent August Patch Tuesday, Microsoft urgently addressed a critical security vulnerability within the Windows TCP/IP stack, identified as CVE-2024-38063. With a CVSS score of 9.8, this flaw has ... Read more

• Cybersecurity News

Please enable JavaScriptA severe security vulnerability has been discovered in the widely-used AI library llama_cpp_python, potentially allowing threat actors to execute malicious code on affected sys ... Read more

• BleepingComputer

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, w ... Read more

• BleepingComputer

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, w ... Read more

• crowdstrike.com

Microsoft has released security updates for 85 vulnerabilities in its August 2024 Patch Tuesday rollout. These include six actively exploited zero-days (CVE-2024-38213, CVE-2024-38193, CVE-2024-38189, ... Read more

• security.nl

Microsoft verwacht dat aanvallers misbruik zullen maken van een kritieke TCP/IP-kwetsbaarheid in Windows waardoor remote code execution zonder enige interactie van gebruikers mogelijk is. Volgens secu ... Read more

• The Cyber Express

Microsoft has released its August 2024 Patch Tuesday update, addressing multiple vulnerabilities across its software ecosystem. This month’s update features fixes for a total of 90 vulnerabilities, in ... Read more

• Cyber Security News

Microsoft has released an urgent security update to address a critical remote code execution vulnerability in the Windows TCP/IP stack. The flaw tracked as CVE-2024-38063, affects all supported Window ... Read more

• Cybersecurity News

Please enable JavaScriptIn its latest Patch Tuesday security update, Microsoft has disclosed a critical vulnerability in the Windows TCP/IP stack that demands urgent attention. Among the 88 vulnerabil ... Read more

• TheCyberThrone

Microsoft patched 90 CVEs in its August 2024 Patch Tuesday release, with seven rated critical, 82 rated as important, and one rated as moderate.This includes updates for vulnerabilities in Microsoft O ... Read more