EHA
ShadowSyndicate Hackers Exploit Aiohttp Vulnerability To Steal Sensitive Data

ShadowSyndicate Hackers Exploit Aiohttp Vulnerability To Steal Sensitive Data

A directory traversal vulnerability (CVE-2024-23334) was identified in aiohttp versions before 3.9.2. This vulnerability allows remote attackers to access sensitive files on the server because aiohttp doesn't validate file reading within the root directory...
PoC Exploit Released For Critical Flowmon Vulnerability

PoC Exploit Released For Critical Flowmon Vulnerability

Progress addressed a critical vulnerability last week, which was associated with an unauthenticated Command injection on the Progress Flowmon product. This vulnerability was assigned CVE-2024-2189, and the severity was given as 10.0 (Critical). Progress Flowmon is...
Fortinet Vulnerability Exploited

Fortinet Vulnerability Exploited To Deploy RMM tools And PowerShell Backdoors

Threat actors have been discovered exploiting a Fortinet Forticlient EMS vulnerability to install unauthorized RMM tools and PowerShell backdoors on the targeted systems. The vulnerability exploited by the threat actors was CVE-2023-48788. Moreover, an external inbound...
Researched Exploit DHCP To Escalate Privileges In Windows Domains

Hackers Exploit DHCP To Escalate Privileges In Windows Domains

Researchers at Akamai have unveiled a new technique that could potentially put millions of Windows domains at risk. This technique exploits the Dynamic Host Configuration Protocol (DHCP) administrators group to escalate privileges within Active...
Follina Exploit Let Hackers Compromise the Domain Controller Via RDP Session

Follina Exploit Let Hackers Compromise the Domain Controller Via RDP Session

An intrusion was detected by The DFir Report in early June 2022 that leveraged the Follina vulnerability, CVE-2022-30190 to gain initial access. Apart from getting initial access it also initiated the infection chain of...

Managed WAF

Website

Latest News