Page Builder by AZEXO Plugin for WordPress security bypass | CVE-2023-3053
NAME__________Page Builder by AZEXO Plugin for WordPress security bypassPlatforms Affected:WordPress RapidExpCart Plugin for WordPress 1.0 WordPress Page Builder by AZEXO...
Captura code execution | CVE-2023-3091
NAME__________Captura code executionPlatforms Affected:Captura Captura 8.0.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Captura could allow a local authenticated attacker to execute arbitrary code on...
code-projects Agro-School Management System cross-site scripting | CVE-2023-3060
NAME__________code-projects Agro-School Management System cross-site scriptingPlatforms Affected:SourceCode and Projects Agro-School Management System 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________code-projects Agro-School Management System is...
Agro-School Management System file upload | CVE-2023-3061
NAME__________Agro-School Management System file uploadPlatforms Affected:SourceCode and Projects Agro-School Management System 1.0Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Agro-School Management System could allow a...
JGraph draw.io cross-site scripting |
NAME__________JGraph draw.io cross-site scriptingPlatforms Affected:jgraph drawio 21.2.5Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________JGraph draw.io is vulnerable to cross-site scripting, caused by improper validation...
IBOS SQL injection | CVE-2023-3100
NAME__________IBOS SQL injectionPlatforms Affected:IBOS IBOS 4.5.5Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________IBOS is vulnerable to SQL injection. A remote attacker could send specially-crafted...
code-projects Agro-School Management System SQL injection | CVE-2023-3094
NAME__________code-projects Agro-School Management System SQL injectionPlatforms Affected:SourceCode and Projects Agro-School Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________code-projects Agro-School Management System is...
Zyxel Firewalls Under Attack! Urgent Patching Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its...
Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive...
Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme
A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E....
Karakurt Ransomware Victim: Beacon ABA Services
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Microsoft links Clop ransomware gang to MOVEit data-theft attacks
Microsoft has linked the Clop ransomware gang to recent attacks exploiting a zero-day vulnerability in the MOVEit Transfer platform to...
The Genesis Market Takedown – Keep Users Credentials Secure
For years, "dark" markets have contained stolen credentials for sale. One of the larger and more notorious markets was the...
GIGABYTE releases new firmware to fix recently disclosed security flaws
Gigabyte B660M GAMING X DDR4 Source: GIGABYTE.com GIGABYTE has released firmware updates to fix security vulnerabilities in over 270 motherboards...
KeePass v2.54 fixes bug that leaked cleartext master password
KeePass has released version 2.54, fixing the CVE-2023-32784 vulnerability that allows the extraction of the cleartext master password from the...
SpinOk Android malware found in more apps with 30 million installs
The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30...
Clop ransomware claims responsibility for MOVEit extortion attacks
The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was...
New tool scans iPhones for ‘Triangulation’ malware infection
Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a...
The Annual Report: 2024 Plans and Priorities for SaaS Security
Over 55% of security executives report that they have experienced a SaaS security incident in the past two years —...
Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App
Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to...
JD Group – 521,878 breached accounts
HIBP In May 2023, the South African retailer JD Group announced a data breach affecting a number of their online...
PikaBot C2 Detected – 103[.]151[.]20[.]137:2078
PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...
PikaBot C2 Detected – 193[.]122[.]200[.]171:2078
PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...
PikaBot C2 Detected – 192[.]9[.]135[.]73:1194
PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...
