Vulnerability

As previously reported, CVE-2023-4966 was discovered and published by Citrix. This vulnerability affected Citrix NetScaler Gateway and ADC devices. Following this, AssetNote published a proof-of-concept for this vulnerability named “CitrixBleed.” However, this vulnerability was discovered...

Microsoft has launched the Defender Bounty Program, which aims to improve the security of its customers' experience by incentivizing researchers with rewards of up to USD 20,000. Through this program, Microsoft encourages researchers to...

An attack campaign that installs XMRig Coinminer on Windows web servers that run on Apache has been discovered recently. The threat actors used the Cobalt Strike tool as a medium to target the internal...

An arbitrary file write vulnerability has been discovered in Nessus, which allows an authenticated, remote attacker to perform a denial of service condition on affected installations. This vulnerability has been assigned with CVE-2023-6062, and...

Apache ActiveMQ is a Java-based open-source protocol that allows distributed applications to exchange messages. It uses the JMS API to provide a dependable messaging platform for sharing data across systems written in diverse programming languages. It...

A high-severity Remote Code Execution (RCE) flaw in Splunk Enterprise has been discovered, enabling an attacker to upload malicious files. Versions of Splunk Enterprise less than 9.0.7 and 9.1.2 do not properly sanitize user-supplied extended stylesheet...

Recent research into Google Workspace and Google Cloud Platform by Bitdefender Labs reveals novel attack methods, potentially leading to network-wide breaches and raising concerns about ransomware attacks or data exfiltration. The team has performed hundreds...

OS command injection is a security vulnerability where an attacker exploits improper user input validation to inject malicious commands into an operating system. This can lead to:- Unauthorized access Data breaches System compromise FortiSIEM is a security information...

Google Chrome Stable Channel Update for Desktop version 119.0.6.45.159 for Mac and Linux and 119.0.6045.159/.160 for Windows has been released, which will be rolling out to all users soon. There were two vulnerabilities fixed,...

As previously reported, three high-severity vulnerabilities in Kubernetes existed in Ingress controllers for NGINX. In addition to this, another high-severity vulnerability for Kubernetes Windows has been discovered.  This new vulnerability has been given CVE-2023-5528 with...