Critical Veeam Flaw Exposes Backup Systems to Remote Code Execution
Veeam has released security patches to fix a critical vulnerability in its Backup software that could allow attackers to execute […]
Alert
Lightning AI Security Breach: Hidden URL Parameter Could Have Given Hackers Root Access
Cybersecurity researchers have uncovered a critical vulnerability in the Lightning AI Studio development platform that could have enabled remote code
J-magic Backdoor: Juniper Routers Under Attack by Magic Packet Exploit
Juniper Networks, a key provider of enterprise-grade networking solutions, has become the focal point of a sophisticated cyber campaign labeled
CISA Warns of Active Exploitation of Five-Year-Old jQuery Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a medium-severity cross-site scripting (XSS) vulnerability, CVE-2020-11023, to its
PANdora’s Box: Palo Alto Firewall Secure Boot Bypass and Firmware Exploits
An in-depth evaluation of three firewall models from Palo Alto Networks has exposed significant vulnerabilities, ranging from Secure Boot bypass
Zero-Click Exploit in Google Messages Affecting Galaxy S23 and S24 Models
A security flaw affecting Samsung smartphones has been uncovered, posing a significant risk to user safety. Cybersecurity researchers have detailed
CISA Warns of Active Exploitation in Mitel and Oracle Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about three critical vulnerabilities impacting Mitel MiCollab and
LDAPNightmare Exploit Targets Windows Servers with DoS and RCE
A proof-of-concept (PoC) exploit, codenamed LDAPNightmare, has been unveiled for a now-patched security vulnerability in Windows’ Lightweight Directory Access Protocol
Dynamics 365 and Power Apps API Flaws: Microsoft Users at Risk
Recent revelations about three significant security vulnerabilities in Microsoft Dynamics 365 and Power Apps Web API underscore the ever-present need
DoubleClickjacking: New Exploit Bypasses Major Website Protections
A new vulnerability, named DoubleClickjacking, is threatening the security landscape by circumventing traditional clickjacking protections on major websites. Discovered by
16 Chrome Extensions Compromised: Over 600,000 Users at Risk
A newly uncovered attack campaign has compromised at least 16 Chrome browser extensions, exposing over 600,000 users to data breaches
CVE-2024-12856: Default Credentials Endanger 15,000+ Four-Faith Routers
A high-severity vulnerability in Four-Faith routers has placed over 15,000 devices at risk, with active exploitation already observed. The flaw,
CVE-2024-45387: Apache Traffic Control SQL Injection Fix Released
The Apache Software Foundation (ASF) has issued crucial security updates to address a severe SQL injection vulnerability in Apache Traffic
Critical Apache Tomcat RCE Flaw CVE-2024-56337
The Apache Software Foundation (ASF) has issued a crucial security update to address a newly identified vulnerability in Apache Tomcat,
WebView2 Exploited: CoinLurker Malware Targets Cryptocurrency Wallets
Attackers are targeting cryptocurrency using fake software update notifications to deploy a sophisticated stealer malware known as CoinLurker. Written in