Critical Cisco ASA Flaw Allows SSH Remote Command Injection
A critical vulnerability has been identified in the Cisco Adaptive Security Appliance (ASA) Software, posing a significant security risk to systems using this software.
The flaw allows authenticated remote attackers to execute commands on the...
Critical SolarWinds Web Help Desk Vulnerability Exposes Systems To Remote Attack
A critical vulnerability has been identified in SolarWinds Web Help Desk, potentially allowing attackers to execute remote code on affected systems.
The Trend Micro Zero Day Initiative (ZDI) team discovered the flaw, designated CVE-2024-28988.
This...
Linux System ‘noexec’ Mount Flag Flaw Allows Malicious Code Execution
A recent discovery in the Linux ecosystem has unveiled a method to bypass the 'noexec' mount flag, enabling malicious code execution on systems that were previously thought to be secure.
This vulnerability exploits a...
90+ Zero-Days, 40+ N-Days Exploited In The Wild
Hackers exploit security vulnerabilities in the wild primarily to gain unauthorized access to systems, steal sensitive data, and disrupt services.
These vulnerabilities often arise from software bugs, misconfiguration, and outdated systems that have not been...
PoC Exploit Released For Windows Kernel-Mode Drivers Privilege Escalation Flaw
A critical vulnerability in Windows Kernel-Mode Drivers has been exposed with the release of a Proof-of-Concept (PoC) exploit, allowing attackers to escalate privileges to SYSTEM level.
The vulnerability, identified as CVE-2024-35250, affects various versions...
Popular Java Framework pac4j Vulnerable To RCE Attacks
A critical security vulnerability has been identified in the popular Java security framework, pac4j, specifically affecting versions prior to 4.0.
This vulnerability, tracked as CVE-2023-25581, allows for remote code execution (RCE), posing a significant...
Foxit PDF Reader Vulnerability Let Attackers Execute Arbitrary Code
Foxit PDF Reader has a memory corruption vulnerability that could allow an attacker to execute arbitrary code on the victim machine. Foxit PDF Reader is a free, highly powerful, and feature-rich PDF viewer and editor...
Researcher Exploited CI / CD Pipelines To Gain Full Server Access
A CI/CD pipeline is a series of automated steps that helps software teams deliver code faster, safer, and more reliably.
It coordinates all the processes involved in continuous integration (CI) and continuous delivery (CD). The...
Researchers Exploited Remote Code Execution Moodle Platform
The popular learning platform Moodle was found to have a critical vulnerability that allowed for remote code execution, caused by improper sanitization of user input that could be exploited to inject...
Tag-100 Hacker Group Exploiting Citrix NetScaler & F5 BIG-IP Vulnerabilities
A new threat actor, TAG-100, has emerged and is actively targeting government and private sector organizations worldwide. It initiates its attacks by exploiting vulnerabilities in internet-facing devices, such as Citrix NetScaler and F5 BIG-IP,...