Splunk has released patches for several high-severity vulnerabilities in its Enterprise product that could allow attackers to execute remote code on affected systems. The vulnerabilities impact multiple versions of Splunk
Monthly Archives: October 2024
New Supply Chain Attack Leveraging Entry Points in PyPI, npm, Ruby Gems & NuGet
A sophisticated supply chain attack has been identified, leveraging entry points in popular open-source package repositories, including PyPI (Python), npm (JavaScript), Ruby Gems, and NuGet (.NET). This attack vector poses
CoreWarrior Malware Attacking Windows Machines With Self-replication Capabilities
Malware targeting Windows machines continues to be a significant threat. While these threats could be in various forms like viruses, worms, and ransomware. These malicious programs can infiltrate systems via
87,000+ FortiOS Devices Vulnerable to Remote Code Execution Attacks
A critical security vulnerability affecting over 87,000 FortiOS devices has been discovered, leaving them exposed to potential remote code execution (RCE) attacks. The flaw, identified as CVE-2024-23113, impacts multiple versions
Cyber Security News Letter(Weekly) – Data Breaches, Vulnerability, Cyber Attack & Other Stories
Welcome to this week’s Cybersecurity Newsletter, bringing you the latest updates and insights from the world of cybersecurity. Stay informed and protected with our top stories. Stay informed about the
HashiCorp Cloud Vault Vulnerability Let Attackers Escalate Privileges
HashiCorp, a leading provider of cloud infrastructure automation software, has disclosed a critical security vulnerability in its Vault secret management platform. The flaw, identified as CVE-2024-9180, could allow privileged attackers
PureLogs, Low Cost Infostealer Attacking Chrome Browser
The world of cyber threats is intricate and ever-changing. Threat actors are always improving their methods, and new strains of infostealer malware frequently surface. Infostealers are very easy to operate,
Mamba Toolkit Abuses 2FA In Sophisticated Phishing Attack
Phishing attacks are stealthy cyber threats where threat actors impersonate reputable entities to trick individuals into revealing sensitive information (“passwords” or “financial details”). These types of attacks are executed via
New Exclusive Report Reveals Administrators Of BreachForums
The administrators behind the infamous dark web data breach forum, BreachForums, have been exposed. Established in March 2022, BreachForums quickly became a hub for cybercriminals trading in stolen data. The
Foxit PDF Reader Vulnerability Let Attackers Execute Arbitrary Code
Foxit PDF Reader has a memory corruption vulnerability that could allow an attacker to execute arbitrary code on the victim machine. Foxit PDF Reader is a free, highly powerful, and feature-rich
