CVE Alert: CVE-2024-50468
Vulnerability Summary: CVE-2024-50468 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Robinson Raptor...
CVE Alert: CVE-2024-50467
Vulnerability Summary: CVE-2024-50467 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WebXApp Scrollbar by...
CVE Alert: CVE-2024-9629
Vulnerability Summary: CVE-2024-9629 The Contact Form 7 + Telegram plugin for WordPress is vulnerable to unauthorized modification of data and...
CVE Alert: CVE-2024-50433
Vulnerability Summary: CVE-2024-50433 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wowDevs Sky Addons...
CVE Alert: CVE-2024-50437
Vulnerability Summary: CVE-2024-50437 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AyeCode GeoDirectory allows...
CVE Alert: CVE-2024-50429
Vulnerability Summary: CVE-2024-50429 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockArt Magazine Blocks...
CVE Alert: CVE-2024-50431
Vulnerability Summary: CVE-2024-50431 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cloudways Breeze allows...
CVE Alert: CVE-2024-50432
Vulnerability Summary: CVE-2024-50432 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Post Grid...
New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors
More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found...
U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing
The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the...
CVE Alert: CVE-2024-9825
Vulnerability Summary: CVE-2024-9825 The Chef Habitat builder-api on-prem-builder package with any version lower than habitat/builder-api/10315/20240913162802 is vulnerable to indirect object...
CVE Alert: CVE-2024-50434
Vulnerability Summary: CVE-2024-50434 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme...
CVE Alert: CVE-2024-50435
Vulnerability Summary: CVE-2024-50435 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme...
CVE Alert: CVE-2024-50457
Vulnerability Summary: CVE-2024-50457 : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in...
CVE Alert: CVE-2024-49755
Vulnerability Summary: CVE-2024-49755 Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. IdentityServer's local API authentication...
CVE Alert: CVE-2024-50496
Vulnerability Summary: CVE-2024-50496 Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For WordPress allows...
CVE Alert: CVE-2024-50453
Vulnerability Summary: CVE-2024-50453 Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File Inclusion.This issue affects...
CVE Alert: CVE-2024-50436
Vulnerability Summary: CVE-2024-50436 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme...
CVE Alert: CVE-2024-50495
Vulnerability Summary: CVE-2024-50495 Unrestricted Upload of File with Dangerous Type vulnerability in WidgiLabs Plugin Propagator allows Upload a Web Shell...
CVE Alert: CVE-2024-30106
Vulnerability Summary: CVE-2024-30106 HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error,...
Manufacturers Targeted by Rising AI-Powered BEC Scams
Business Email Compromise (BEC) scams are increasingly targeting manufacturers, representing a significant portion of phishing attempts. Recent analysis reveals alarming...
Russian Malware Campaign Targeting Ukrainian Recruits Via Telegram: Insights and Implications
In a concerning development, a malware campaign targeting Ukrainian military recruits has emerged, delivered through Telegram by Russian threat actors....
CloudScout Toolset by Evasive Panda: Targeting Taiwan’s Institutions
The CloudScout toolset, developed by the cyber threat group Evasive Panda, is specifically designed to infiltrate Taiwanese institutions and extract...
Pwn2Own Ireland Reveals Over 70 Zero-Day Vulnerabilities
At Pwn2Own Ireland, participants uncovered more than 70 zero-day vulnerabilities, with significant implications for cybersecurity and user safety. A team...
