• TheCyberThrone

CVE-2024-44243 is a critical vulnerability discovered in macOS that allows attackers to bypass Apple’s System Integrity Protection (SIP) by exploiting third-party kernel extensions. This vulnerability ... Read more

• TheCyberThrone

Google has released version 132.0.6834.83/84 of its Chrome browser on January 14, 2025. This update addresses several critical security vulnerabilities to enhance the browser’s security and stability. ... Read more

• TheCyberThrone

CVE-2024-55591 is a critical vulnerability affecting Fortinet’s FortiOS and FortiProxy devices. This vulnerability allows a remote attacker to bypass authentication mechanisms and gain super-admin pri ... Read more

• TheCyberThrone

Microsoft released the January 2025 Patch Tuesday updates on January 14, 2025, focusing on addressing critical security vulnerabilities across various Microsoft products. This update cycle includes se ... Read more

• TheCyberThrone

CVE-2024-12398 is a critical vulnerability discovered in the web management interface of certain Zyxel devices. This vulnerability allows an authenticated user with limited privileges to escalate thei ... Read more

• TheCyberThrone

The US CISA has recently included two significant vulnerabilities, CVE-2024-12686 and CVE-2023-48365, in its Known Exploited Vulnerabilities (KEV) Catalog. This catalog is an essential resource for or ... Read more

• TheCyberThrone

OverviewCVE-2024-54498 is a critical vulnerability affecting macOS systems, specifically those running versions prior to 2.6.11. This vulnerability, discovered by security researcher @wh1te4ever, invo ... Read more

• Cybersecurity News

Recently, security researcher @wh1te4ever has revealed a proof of concept (PoC) exploit for CVE-2024-54498, a vulnerability that allows applications to escape the confines of the macOS Sandbox. The Po ... Read more

• Cybersecurity News

A newly published report from Natalie Silvanovich, a security researcher at Google’s Project Zero team, has revealed a critical vulnerability in the Monkey’s Audio (APE) decoder used in Samsung’s S24 ... Read more

• TheCyberThrone

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, January 11, 2025.Redis was affected by CV ... Read more

• TheCyberThrone

The MirrorFace Advanced Persistent Threat (APT) group, also known as Earth Kasha, has been linked to a series of cyber-attacks targeting Japan. These attacks have been ongoing since 2019 and have prim ... Read more

• TheCyberThrone

CVE-2024-5594 is a critical vulnerability identified in OpenVPN versions prior to 2.6.11. This vulnerability stems from improper sanitization of PUSH_REPLY messages, which allows attackers to inject u ... Read more

• TheCyberThrone

CVE-2024-49415 is a critical vulnerability found in Samsung devices running Android versions 12, 13, and 14. This vulnerability was discovered by researchers from Google Project Zero, a team dedicated ... Read more

• The Hacker News

Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tr ... Read more