EHA
Atlassian Zero-Day Flaw Under Attack

CISA, FBI Warns of Critical Atlassian Zero-Day Flaw Under Active Attack

A serious security flaw in some versions of Atlassian Confluence Data Center and Server has been exploited by hackers.  They have used this flaw to create fake admin accounts and access Confluence servers. This flaw is...
Nation-state Hackers Exploiting Confluence Zero-day Vulnerability

Nation-state Hackers Exploiting Confluence Zero-day Vulnerability

Microsoft has detected the nation-state threat actor Storm-0062, also known as DarkShadow or Oro0lxy, exploiting CVE-2023-22515 in the wild since September 14, 2023.  The vulnerability was publicly disclosed on October 4, 2023, and this CVE-2023-22515...
HTTP/2 Rapid Reset Zero-day Flaw Exploited to Launch Massive DDoS Attack

HTTP/2 Rapid Reset Zero-day Flaw Exploited to Launch Massive DDoS Attack

Cloudflare was unexpectedly hit by an enormous HTTP attack that peaked at over 201 million requests per second. Starting on August 25, 2023, this onslaught posed a significant challenge, especially considering that it was initiated...
Zero-Days for Hacking WhatsApp Are Now Worth Millions of Dollars

Zero-Day WhatsApp Hacking Vulnerabilities Worth Millions

Securing the devices running iOS and Android operating systems is now costly due to improved defenses.  According to a recent report by TechCrunch, there has been a surge in the demand for zero-day exploits that...
Apple Emergency Update for New Zero-Day Used to Hack iPhones

Apple Emergency Update for New Zero-Day Used to Hack iPhones

Apple has discovered a Zero-day vulnerability affecting iOS and iPadOS versions earlier than 17.0.3, which could allow threat actors to elevate their privileges. The CVE for this vulnerability has been given as CVE-2023-42824, and...
Sony Breached Via MOVEit

Sony Breached Via MOVEit Zero-Day Vulnerability

Sony Interactive Entertainment (SIE) discloses a cybersecurity breach caused by the exploitation of a zero-day vulnerability in Progress Software's MOVEit Transfer platform. Nearly 6791 current and former workers or members of their families who reside in...
Qualcomm Sys Hackers Actively Exploit 3 new Zero-Days – Patch Now

Qualcomm Sys Hackers Actively Exploit 3 new Zero-Days – Patch Now

Three new zero days have been reported to Qualcomm, which were CVE-2023-33106, CVE-2023-33107, and CVE-2023-33063. These vulnerabilities were discovered as part of Google Project Zero and were disclosed to Qualcomm by Google Threat Analysis...
Microsoft Teams & Edge Zero-Day Vulnerabilities Leads to Arbitrary Code Execution

Microsoft Teams & Edge Zero-Day Vulnerabilities Leads to Code Execution

Microsoft has addressed two zero-day vulnerabilities in two Open-Source Software security vulnerabilities, which include Microsoft Edge, Microsoft Teams for Desktop, Skype for Desktop, and Webp images extension. These vulnerabilities were previously reported and had the...
Exim SMTP Service Zero-day Flaw Let Attackers Execute Remote Code

Exim SMTP Service Zero-day Flaw Let Attackers Execute Remote Code

Six new zero-day vulnerabilities in Exim Message Transfer Agent have been reported as part of the Zero-Day initiative. These vulnerabilities were discovered in June 2022 but were not disclosed until now as Exim did...
$20M Offered By Russian Zero-Day Seller To Hack Android And iPhone devices

$20M Offered By Russian Zero-Day Seller To Hack Android And iPhone Devices

The Russian company Operation Zero is currently offering researchers $20 million in exchange for hacking tools that would enable its customers to take control of Android and iPhone devices. “By increasing the premium and providing...

Managed WAF

Website

Latest News