13 New Vulnerabilities in BMC Firmware Let Hackers Launch Remote Attacks on OT & IoT Networks

13 New Vulnerabilities in BMC Firmware Let Hackers Launch Remote Attacks on OT &...

BMC (Baseboard Management Controller) firmware from Lanner has been found to contain over a dozen vulnerabilities that could allow remote attacks to be launched against OT and IoT networks. As a result of analyzing an...
OpenSSL Fixed Two High Severity Vulnerabilities That Can be Exploited Remotely

OpenSSL Fixed Two High Severity Vulnerabilities That Can be Exploited Remotely

There have been two high-severity security vulnerabilities recently discovered and patched by the OpenSSL Project in its open-source cryptographic library.  Encryption of communication channels and HTTPS connections is achieved through the use of this cryptographic...
Follina Exploit Let Hackers Compromise the Domain Controller Via RDP Session

Follina Exploit Let Hackers Compromise the Domain Controller Via RDP Session

An intrusion was detected by The DFir Report in early June 2022 that leveraged the Follina vulnerability, CVE-2022-30190 to gain initial access. Apart from getting initial access it also initiated the infection chain of...
GitHub Repojacking Bug Let Hackers Take Control Over a GitHub Repository

GitHub Repojacking Bug Let Hackers Take Control Over a GitHub Repository

A high-severity security flaw has been patched recently by GitHub on September 19, 2022, and it's a cloud-based repository hosting service. By exploiting this vulnerability, malicious repositories could have been created and attacks on...
Chrome Zero-Day Bug Actively Exploited in Wild – Update Now!

Chrome Zero-Day Bug Actively Exploited in Wild – Update Now!

In order to address a potentially exploitable zero-day vulnerability discovered in recent attacks on Google's Chrome desktop web browser, Google has released a security update as an emergency fix. The vulnerability has been tracked as...
Sandbreak – A Critical Remote Code Execution Bug Found in Widely Used vm2 JavaScript Sandbox

Sandbreak – A Critical Remote Code Execution Bug Found in Widely Used vm2 JavaScript...

In the JavaScript sandbox library vm2, the cybersecurity analysts at Oxeye research team have recently found a severe RCE flaw dubbed, "Sandbreak." Through the NPM package repository, the vm2 sandbox library achieves a total of...
CSA Provides Common Vulnerability Exploited by China State-Sponsored Hackers – A Complete List

CSA Provides Common Vulnerability Exploited by China State-Sponsored Hackers – A Complete List

The CISA has recently published a joint CSA with the NSA and the FBI about the top CVEs that are exploited by the threat actors since 2020 and the threat actors are Chinese state-sponsored. Chinese...
Vulnerable TP-Link Routers

Thousands of Vulnerable TP-Link Routers Can be Exploited By Multiple Hackers

Researchers found that there are thousands of TP-Link routers used all over the globe that are vulnerable to exploitation by several hacking groups. Hackers from the following countries may be able to exploit these vulnerable...
Warning!! New WhatsApp Zero-Day Bug Let Hackers Control The App Remotely

Warning!! New WhatsApp Zero-Day Bug Let Hackers Control The App Remotely

Two critical zero-day vulnerability that WhatsApp had been known to exploit was silently fixed by WhatsApp. As a result of these security flaws, attackers would be able to remotely execute arbitrary code on both...
Security Flaw in Microsoft Teams

Severe Security Flaw in Microsoft Teams Desktop App Let Attackers Access Authentication Tokens

Earlier, in August 2022, Vectra researchers discovered an attack path that let attackers with file system access to steal credentials for any Microsoft Teams user who is signed in. Reports say the attackers don’t require...
Website