CONPROSYS HMI System information disclosure | CVE-2023-28713
NAME__________CONPROSYS HMI System information disclosurePlatforms Affected:Contec CONPROSYS HMI System 3.5.1 Contec CONPROSYS HMI System 3.5.0 Contec CONPROSYS HMI System 3.5.2Risk...
Month: June 2023
CONPROSYS HMI System cross-site scripting | CVE-2023-28651
NAME__________CONPROSYS HMI System cross-site scriptingPlatforms Affected:Contec CONPROSYS HMI System 3.5.1 Contec CONPROSYS HMI System 3.5.0 Contec CONPROSYS HMI System 3.5.2Risk...
CONPROSYS HMI System denial of service | CVE-2023-2758
NAME__________CONPROSYS HMI System denial of servicePlatforms Affected:Contec CONPROSYS HMI System 3.5.1 Contec CONPROSYS HMI System 3.5.0 Contec CONPROSYS HMI System...
Iubenda Integration module for Drupal cross-site scripting |
NAME__________Iubenda Integration module for Drupal cross-site scriptingPlatforms Affected:WordPress Iubenda Integration Module for WordPress 7.x-2.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Iubenda Integration module for...
SAISON INFORMATION SYSTEMS DataSpider Servista default account | CVE-2023-28937
NAME__________SAISON INFORMATION SYSTEMS DataSpider Servista default accountPlatforms Affected:SAISON INFORMATION SYSTEMS DataSpider Servista 4.4Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________SAISON INFORMATION SYSTEMS DataSpider Servista...
Consent Popup module for Drupal cross-site scripting |
NAME__________Consent Popup module for Drupal cross-site scriptingPlatforms Affected:WordPress Consent Popup Module for WordPress 1.0.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Consent Popup module for...
CONPROSYS HMI System security bypass | CVE-2023-28399
NAME__________CONPROSYS HMI System security bypassPlatforms Affected:Contec CONPROSYS HMI System 3.5.1 Contec CONPROSYS HMI System 3.5.0 Contec CONPROSYS HMI System 3.5.2Risk...
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root...
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to...
N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT
Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored...
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites
WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that's installed on over five...
RansomHouse Ransomware Victim: Mission Community Hospital
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Dark Pink hackers continue to target govt and military organizations
The Dark Pink APT hacking group continues to be very active in 2023, observed targeting government, military, and education organizations...
7 Stages of Application Testing: How to Automate for Continuous Security
With cyber-attacks becoming more sophisticated, organizations are becoming increasingly aware of the importance of safeguarding their web applications against security...
Toyota finds more misconfigured servers leaking customer info
Toyota Motor Corporation has discovered two additional misconfigured cloud services that leaked car owners' personal information for over seven years....
Exploit released for RCE flaw in popular ReportLab PDF library
A researcher has published a working exploit for a remote code execution (RCE) flaw impacting ReportLab Toolkit, a popular Python...
Stealthy SeroXen RAT malware increasingly used to target gamers
A stealthy remote access trojan (RAT) named 'SeroXen' has recently gained popularity as cybercriminals begin using it for its low...
Kali Linux 2023.2 released with 13 new tools, pre-built HyperV image
Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools,...
Terminator antivirus killer is a vulnerable Windows driver in disguise
A threat actor known as Spyboy is promoting a tool called "Terminator" on a Russian-speaking hacking forum that can allegedly...
Hackers exploit critical Zyxel firewall flaw in ongoing attacks
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install...
Polish Credentials – 1,204,870 breached accounts
HIBP In May 2023, a credential stuffing list of 6.3M Polish email address and password pairs appeared on a local...
RaidForums – 478,604 breached accounts
HIBP In May 2023, 478k user records from the now defunct hacking forum known as "RaidForums" was posted to another...
CISA: CISA and Partners Release Cybersecurity Advisory Guidance detailing PRC state-sponsored actors evading detection by “Living off the Land”
CISA and Partners Release Cybersecurity Advisory Guidance detailing PRC state-sponsored actors evading detection by “Living off the Land” Today, CISA...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
