CVE Alert: CVE-2024-50434
Vulnerability Summary: CVE-2024-50434 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme...
Month: October 2024
CVE Alert: CVE-2024-50435
Vulnerability Summary: CVE-2024-50435 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme...
CVE Alert: CVE-2024-50457
Vulnerability Summary: CVE-2024-50457 : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in...
CVE Alert: CVE-2024-49755
Vulnerability Summary: CVE-2024-49755 Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. IdentityServer's local API authentication...
CVE Alert: CVE-2024-50496
Vulnerability Summary: CVE-2024-50496 Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For WordPress allows...
CVE Alert: CVE-2024-50453
Vulnerability Summary: CVE-2024-50453 Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File Inclusion.This issue affects...
CVE Alert: CVE-2024-50436
Vulnerability Summary: CVE-2024-50436 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme...
CVE Alert: CVE-2024-50495
Vulnerability Summary: CVE-2024-50495 Unrestricted Upload of File with Dangerous Type vulnerability in WidgiLabs Plugin Propagator allows Upload a Web Shell...
CVE Alert: CVE-2024-30106
Vulnerability Summary: CVE-2024-30106 HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error,...
Manufacturers Targeted by Rising AI-Powered BEC Scams
Business Email Compromise (BEC) scams are increasingly targeting manufacturers, representing a significant portion of phishing attempts. Recent analysis reveals alarming...
Russian Malware Campaign Targeting Ukrainian Recruits Via Telegram: Insights and Implications
In a concerning development, a malware campaign targeting Ukrainian military recruits has emerged, delivered through Telegram by Russian threat actors....
CloudScout Toolset by Evasive Panda: Targeting Taiwan’s Institutions
The CloudScout toolset, developed by the cyber threat group Evasive Panda, is specifically designed to infiltrate Taiwanese institutions and extract...
Pwn2Own Ireland Reveals Over 70 Zero-Day Vulnerabilities
At Pwn2Own Ireland, participants uncovered more than 70 zero-day vulnerabilities, with significant implications for cybersecurity and user safety. A team...
Job Scams Exploiting Financial Vulnerability: A Growing Threat
Job scams exploiting financially vulnerable individuals have surged recently, raising concerns among cybersecurity experts at Proofpoint. A surge in online...
CISA: ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations
ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations Today,...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on October 1, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA’s VDP Platform 2023 Annual Report Showcases Success
CISA’s VDP Platform 2023 Annual Report Showcases Success Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its Vulnerability Disclosure Policy...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Avoid Scams After Disaster Strikes
Avoid Scams After Disaster Strikes As hurricanes and other natural disasters occur, CISA urges individuals to remain on alert for...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on October 3, 2024. These...
CISA: Microsoft Releases October 2024 Security Updates
Microsoft Releases October 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
CISA: CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations
CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations Today, CISA...
