Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks
Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from...
OSINT
Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages
An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to...
CVE Alert: CVE-2024-10764
Vulnerability Summary: CVE-2024-10764 A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. This affects...
CVE Alert: CVE-2024-10768
Vulnerability Summary: CVE-2024-10768 A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown...
CVE Alert: CVE-2024-48336
Vulnerability Summary: CVE-2024-48336 The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does not verify the GMS...
CVE Alert: CVE-2024-51328
Vulnerability Summary: CVE-2024-51328 Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject...
CVE Alert: CVE-2024-10766
Vulnerability Summary: CVE-2024-10766 A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management...
CVE Alert: CVE-2024-10791
Vulnerability Summary: CVE-2024-10791 A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0. This...
CVE Alert: CVE-2024-10805
Vulnerability Summary: CVE-2024-10805 A vulnerability was found in code-projects University Event Management System 1.0. It has been classified as critical....
CVE Alert: CVE-2024-51500
Vulnerability Summary: CVE-2024-51500 Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for...
CVE Alert: CVE-2024-51744
Vulnerability Summary: CVE-2024-51744 golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims`...
CVE Alert: CVE-2024-45086
Vulnerability Summary: CVE-2024-45086 IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack...
[FLOCKER] – Ransomware Victim: d****I
Ransomware Group: FLOCKER VICTIM NAME: d****I NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild....
Z-lib – 9,737,374 breached accounts
HIBP In June 2024, almost 10M user records from Z-lib were discovered exposed online. Now defunct, Z-lib was a malicious...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Microsoft Releases October 2024 Security Updates
Microsoft Releases October 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
CISA: Avoid Scams After Disaster Strikes
Avoid Scams After Disaster Strikes As hurricanes and other natural disasters occur, CISA urges individuals to remain on alert for...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations
CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations Today, CISA...
CISA: CISA Releases Twenty-One Industrial Control Systems Advisories
CISA Releases Twenty-One Industrial Control Systems Advisories CISA released twenty-one Industrial Control Systems (ICS) advisories on October 10, 2024. These...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on October 15, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies
Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies CISA has observed cyber threat actors leveraging unencrypted...