Update now! Apple patches two zero-day vulnerabilities that may have been actively exploited
Apple has released security updates for macOS Monterey 12.3.1, iOS 15.4.1, iPadOS 15.4.1, tvOS 15.4.1, and watchOS 8.5.1. The update...
Hive ransomware impacts California non-profit health organisation
Ransomware authors are once again targeting health services, holding important files to ransom and impacting potentially vital services. On this...
LockBit 2.0 Ransomware Victim: https://liceu[.]barcelona/
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Conti Ransomware Victim: https-www-mideacarrier-com-b
continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...
Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked
Anonymous continues its operations against Russia, the group announced the hack of the Russian investment firm Marathon Group. Anonymous continues...
AcidRain, a wiper that crippled routers and modems in Europe
Researchers spotted a new destructive wiper, tracked as AcidRain, that is likely linked to the recent attack against Viasat. Security...
Royal Enfield – 420,873 breached accounts
In January 2020, motorcycle maker Royal Enfield left a database publicly exposed that resulted in the inadvertent publication of over...
Slyther – AWS Security Tool
Slyther is AWS Security tool to check read/write/delete access for S3 buckets Requirements aws-cli Installation pip3 install -r requirements.txt Usage...
Zyxel fixes a critical bug in its business firewall and VPN devices
Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment...
Spring Framework version 5.3.18-CVE-2022-22965
NAME Spring Projects - Spring Framework Platforms Affected:Spring FrameworkRisk Level:highCVE Type:RCE DESCRIPTION CVE-2022-22965 is a remote code execution (RCE) vulnerability...
Apple macOS Monterey 12.3.1-CVE-2022-22675
NAME Apple - Multiple Platforms Affected:MultipleRisk Level:mediumCVE Type:Out-of-bounds write DESCRIPTION CVE-2022-22675 is an out-of-bounds write vulnerability impacting Apple macOS Monterey...
Tryton security update-CVE-2022-26662
NAME Tryton - Multiple Platforms Affected:MultipleRisk Level:lowCVE Type:XML entity expansion DESCRIPTION CVE-2022-26662 is a xml entity expansion vulnerability impacting multiple...
Apple macOS Monterey 12.3.1-CVE-2022-22674
NAME Apple - macOS Monterey Platforms Affected:macOS MontereyRisk Level:mediumCVE Type:Out-of-bounds read DESCRIPTION CVE-2022-22674 is an out-of-bounds read vulnerability impacting Apple...
Google Chrome version 97.0.4692.71-CVE-2022-0337
NAME Google - Chrome Platforms Affected:ChromeRisk Level:lowCVE Type:Inappropriate implementation DESCRIPTION CVE-2022-0337 is an inappropriate implementation vulnerability impacting Google Chrome versions...
Spring Framework code execution | CVE-2022-22965
NAME Spring Framework code execution Platforms Affected:Spring Spring Framework 5.2.2 Spring Spring Framework 5.3.0 Spring Spring Framework 5.3.1 Spring Spring...
Accusoft ImageGear code execution | CVE-2021-40398
NAME Accusoft ImageGear code execution Platforms Affected:Accusoft ImageGear 19.10Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Accusoft ImageGear could allow a remote...
Medical Hub Directory Site cross-site scripting |
NAME Medical Hub Directory Site cross-site scripting Platforms Affected:SourcecCodester Medical Hub Directory Site 1.0Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Medical Hub Directory...
Vim buffer overflow | CVE-2022-1154
NAME Vim buffer overflow Platforms Affected:Vim Vim 6.0 Vim Vim 6.3 Vim Vim 6.4 Vim Vim 7.1.298 Vim Vim 7.2b...
TIBCO Managed File Transfer Platform Server code execution | CVE-2022-22772
NAME TIBCO Managed File Transfer Platform Server code execution Platforms Affected:TIBCO Managed File Transfer Platform Server for UNIX 8.1.0 TIBCO...
ELECOM routers security bypass | CVE-2022-25915
NAME ELECOM routers security bypass Platforms Affected:ELECOM WRC-2533GST2 1.13 ELECOM WRC-1900GST2 1.13 ELECOM WRC-1750GST2 1.13 ELECOM LAN WRC-1167GST2A 1.25 ELECOM...
Baicells Nova436Q and Neutrino 430 devices default account | CVE-2022-24693
NAME Baicells Nova436Q and Neutrino 430 devices default account Platforms Affected:BaiCells NOVA436Q QRTB 2.7.8Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Baicells Nova436Q and...
CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Sophos firewall flaw and seven other issues to...
Flaws in Wyze cam devices allow their complete takeover
Wyze Cam devices are affected by three security vulnerabilities that can allow attackers to takeover them and access camera feeds....
Lazarus Trojanized DeFi app for delivering malware
For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency...
