CVE Alert: CVE-2024-8934
Vulnerability Summary: CVE-2024-8934 A local user with administrative access rights can enter specialy crafted values for settings at the user...
CVE Alert: CVE-2024-8553
Vulnerability Summary: CVE-2024-8553 A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an...
CVE Alert: CVE-2024-51254
Vulnerability Summary: CVE-2024-51254 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-42835
Vulnerability Summary: CVE-2024-42835 langflow v1.0.12 was discovered to contain a remote code execution (RCE) vulnerability via the PythonCodeTool component. Affected...
CVE Alert: CVE-2024-51259
Vulnerability Summary: CVE-2024-51259 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-48910
Vulnerability Summary: CVE-2024-48910 DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to...
[RHYSIDA] – Ransomware Victim: Hope Valley Recovery
Ransomware Group: RHYSIDA VICTIM NAME: Hope Valley Recovery NOTE: No files or stolen information are by RedPacket Security. Any legal...
[CACTUS] – Ransomware Victim: lsst[.]ac
Ransomware Group: CACTUS VICTIM NAME: lsstac NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Cobalt Strike Beacon Detected – 121[.]40[.]69[.]150:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even...
Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft
Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate...
5 SaaS Misconfigurations Leading to Major Fu*%@ Ups
With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk...
Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns
Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time...
CovenantC2 Detected – 195[.]7[.]5[.]233:7443
The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...
CVE Alert: CVE-2024-51255
Vulnerability Summary: CVE-2024-51255 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-8185
Vulnerability Summary: CVE-2024-8185 Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service...
CVE Alert: CVE-2024-50354
Vulnerability Summary: CVE-2024-50354 gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0...
CVE Alert: CVE-2024-51260
Vulnerability Summary: CVE-2024-51260 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-51478
Vulnerability Summary: CVE-2024-51478 YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic...
CVE Alert: CVE-2024-50356
Vulnerability Summary: CVE-2024-50356 Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The...
CVE Alert: CVE-2024-51482
Vulnerability Summary: CVE-2024-51482 ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.*
CVE Alert: CVE-2024-7883
Vulnerability Summary: CVE-2024-7883 When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via...
CVE Alert: CVE-2024-51430
Vulnerability Summary: CVE-2024-51430 Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0 allows a remote attacker...
CVE Alert: CVE-2024-10573
Vulnerability Summary: CVE-2024-10573 An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123...
