Alert - CyAsha | Cyber Security Awareness

Massive Polyfill[.]io Supply Chain Attack Affects Over 380,000 Hosts, Including Major Corporations

Researcher | 05/07/2024

In a recent cybersecurity incident, the widely-used JavaScript library Polyfill[.]io has been compromised, affecting over 380,000 hosts, according to new […]

Alert

Alert: Remote Code Execution and DoS in Rockwell Automation Systems PanelView Plus

Researcher | 04/07/2024

Recently Microsoft has disclosed two critical security flaws in Rockwell Automation’s PanelView Plus that can be exploited by remote, unauthenticated

Alert

Twilio’s Authy Breach: A Wake-Up Call for Cybersecurity in 2FA Apps

Researcher | 04/07/2024

In a concerning development for cybersecurity enthusiasts and users alike, Twilio has revealed a breach in its Authy app, a

Alert

FakeBat Loader Malware: The Rising Threat of Drive-by Download Attacks

Researcher | 03/07/2024

In the rapidly evolving landscape of cybersecurity threats, the loader-as-a-service (LaaS) model known as FakeBat has emerged as one of

Alert

Uncovering ‘Indirector’: A New Vulnerability Exposing Sensitive Data in Intel CPUs

Researcher | 02/07/2024

Intel’s cutting-edge processors, including the Raptor Lake and Alder Lake series, have been found vulnerable to a novel side-channel attack

Alert

Critical CocoaPods Vulnerabilities Expose iOS and macOS Apps to Major Supply Chain Attacks

Researcher | 02/07/2024

A significant security vulnerability has been unearthed in CocoaPods, a popular dependency manager used for Swift and Objective-C Cocoa projects.

Alert

New OpenSSH Vulnerability: Critical Risk of Remote Code Execution on Linux Systems

Researcher | 01/07/2024

The cybersecurity community is once again on high alert following the recent disclosure of a critical vulnerability in OpenSSH, which

Alert

Juniper Networks Releases Emergency Fix for Critical Authentication Bypass Vulnerability

Researcher | 01/07/2024

In an urgent response to a high-severity vulnerability, Juniper Networks has rolled out an emergency update to address a critical

Alert

Critical Vulnerability in Vanna AI ( CVE-2024-5565) Exposes Databases to RCE Attacks

Researcher | 28/06/2024

Cybersecurity researchers have recently disclosed a significant security vulnerability in the Vanna.AI library, which has the potential to be exploited

Alert

Critical Vulnerability in Fortra FileCatalyst Workflow: CVE-2024-5276

Researcher | 27/06/2024

A significant security flaw has been uncovered in Fortra FileCatalyst Workflow, a widely-used web-based file exchange and sharing platform. This

Alert

Critical Vulnerability in MOVEit Transfer Exploited (CVE-2024-5806): Patch Immediately

Researcher | 27/06/2024

A recently unveiled critical security vulnerability in Progress Software’s MOVEit Transfer platform has already become the target of exploitation attempts.

grimresource microsoft management console mmc

Alert

GrimResource: A Sophisticated Cybersecurity Threat Exploiting Microsoft Management Console Files

Researcher | 26/06/2024

In a concerning development, threat actors have recently been observed exploiting a sophisticated attack technique involving Microsoft Management Console (MMC)

Alert

Breaking News: WordPress Plugins Compromised in Supply Chain Attack

Researcher | 25/06/2024

In a concerning turn of events for website owners and administrators, multiple WordPress plugins have been identified as compromised, posing

Alert

SolarWinds Serv-U Vulnerability (CVE-2024-28995): Patch Now !!

Researcher | 21/06/2024

In a recent development that underscores the critical importance of proactive cybersecurity measures, SolarWinds has urgently addressed a high-severity vulnerability

Alert

Mailcow Mail Server Security Vulnerabilities: Remote Code Execution

Researcher | 19/06/2024

In a recent development concerning cybersecurity, Mailcow, a widely-used open-source mail server suite, has addressed critical vulnerabilities that could potentially