F5 BIG-IP information disclosure | CVE-2023-43124
NAME__________F5 BIG-IP information disclosurePlatforms Affected:F5 BIG-IP (APM) 13.0.0 F5 BIG-IP (APM) 14.0.0 F5 BIG-IP (APM) 15.0.0 F5 BIG-IP (APM) 16.0.0Risk...
Microweber cross-site scripting | CVE-2023-5244
NAME__________Microweber cross-site scriptingPlatforms Affected:Risk Level:5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Microweber is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
AjaxNewsTicker cross-site request forgery | CVE-2023-41452
NAME__________AjaxNewsTicker cross-site request forgeryPlatforms Affected:PHPKOBO AjaxNewsTicker 1.05Risk Level:6.5Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________AjaxNewsTicker is vulnerable to cross-site request forgery, caused by...
Progress Software WS_FTP Server cross-site scripting | CVE-2023-40047
NAME__________Progress Software WS_FTP Server cross-site scriptingPlatforms Affected:Progress Software WS_FTP Server 8.8.1Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Progress Software WS_FTP Server is vulnerable to...
Font Awesome More Icons plugin for WordPress cross-site scripting | CVE-2023-5232
NAME__________Font Awesome More Icons plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Font Awesome More Icons plugin for WordPress 3.5 WordPress Font...
AjaxNewsTicker cross-site scripting | CVE-2023-41447
NAME__________AjaxNewsTicker cross-site scriptingPlatforms Affected:PHPKOBO AjaxNewsTicker 1.05Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________AjaxNewsTicker is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Font Awesome Integration plugin for WordPress cross-site scripting | CVE-2023-5233
NAME__________Font Awesome Integration plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Font Awesome Integration plugin for WordPress 5.0 WordPress Font Awesome Integration...
Blackcat CMS cross-site scripting | CVE-2023-44043
NAME__________Blackcat CMS cross-site scriptingPlatforms Affected:BlackCat CMS BlackCat CMS 1.4.1Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Blackcat CMS is vulnerable to cross-site scripting, caused by...
TM WooCommerce Compare and Wishlist plugin for WordPress cross-site scripting | CVE-2023-5230
NAME__________TM WooCommerce Compare and Wishlist plugin for WordPress cross-site scriptingPlatforms Affected:WordPress TM WooCommerce Compare and Wishlist plugin for WordPress 1.1.7...
Content Moderation Notifications module for Drupal information disclosure |
NAME__________Content Moderation Notifications module for Drupal information disclosurePlatforms Affected:Drupal Content Moderation Notifications module for Drupal 9.0.3Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Content Moderation...
8 Base Ransomware Victim: Kona Equity
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
8 Base Ransomware Victim: C[.]F[.] Service and Supply
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
Data security is in the headlines often, and it's almost never for a positive reason. Major breaches, new ways to...
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage. "This channel...
Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability
Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217,...
New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden...
Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented...
The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the...
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could...
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as...
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an...
China’s BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to...
Security researcher stopped at US border for investigating crypto scam
Security researcher Sam Curry describes a stressful situation he encountered upon his return to the U.S. when border officials and...
Budworm hackers target telcos and govt orgs with custom malware
A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and...
