CVE Alert: CVE-2024-12588
Vulnerability Summary: CVE-2024-12588 The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Month: December 2024
CVE Alert: CVE-2024-10453
Vulnerability Summary: CVE-2024-10453 The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to...
CVE Alert: CVE-2024-11688
Vulnerability Summary: CVE-2024-11688 The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver' or 'date' parameter...
CVE Alert: CVE-2024-12558
Vulnerability Summary: CVE-2024-12558 The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access...
CVE Alert: CVE-2024-11722
Vulnerability Summary: CVE-2024-11722 The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter...
CVE Alert: CVE-2024-12591
Vulnerability Summary: CVE-2024-12591 The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wb_share_social shortcode in...
CVE Alert: CVE-2024-12408
Vulnerability Summary: CVE-2024-12408 The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST data in...
CVE Alert: CVE-2024-51464
Vulnerability Summary: CVE-2024-51464 IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending...
CVE Alert: CVE-2024-12875
Vulnerability Summary: CVE-2024-12875 The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to...
CVE Alert: CVE-2024-12883
Vulnerability Summary: CVE-2024-12883 A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as problematic. Affected by...
CVE Alert: CVE-2024-51463
Vulnerability Summary: CVE-2024-51463 IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an...
CVE Alert: CVE-2024-12884
Vulnerability Summary: CVE-2024-12884 A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical. Affected by...
Ransomware Attackers Targeting Low Downtime Industries: Insights from Q3 2024
In 2024, ransomware attackers aggressively targeted industries with low downtime tolerance, such as healthcare and finance. This report outlines the...
CISA Urges Encrypted Messaging for Enhanced Security Post Salt Typhoon Hack
In light of the growing cyber threats, the US Cybersecurity and Infrastructure Security Agency (CISA) emphasizes the urgent need for...
LockBit Ransomware Group Announces New Version, LockBit 4.0
The LockBit ransomware group may be making a significant comeback, hinting at the release of its latest version, LockBit 4.0,...
HiatusRAT Threat: FBI Warns of Vulnerabilities in Webcams and DVRs
The FBI has issued a significant warning regarding the vulnerabilities of webcams and DVRs to an emerging threat known as...
€15 Million Fine Imposed on OpenAI by Italy’s Data Protection Authority Over ChatGPT Violations
Italy's Data Protection Authority has imposed a €15 million fine on OpenAI due to serious data protection issues involving the...
Probing GRU-Linked Cyber-Attack: Insights from Ukraine’s Security Service
In a significant escalation related to cybersecurity, Ukraine's state registers have experienced their largest cyber-attack, prompting an investigation by the...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers
CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers Today, CISA—in partnership with...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on November 26, 2024. These...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on December 3, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies Today, CISA—in partnership with...
