Critical RCE vulnerabilities in Ivanti Endpoint Manager grant remote server access to attackers
Ivanti has released security updates for its Endpoint Manager (EPM) 2024 and 2022 SU6 versions to address multiple severe and…
WhatsApp’s view once privacy flaw: exploited and abusable
WhatsApp’s “View Once” feature, designed to enhance privacy by allowing users to share disappearing photos and videos, has come under…
Alert: CISA warns of three actively exploited vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding three critical vulnerabilities that are currently being exploited…
Quad7 Botnet: expanding threat landscape targets routers and VPNs
The Quad7 botnet, also known as the 7777 and xlogin botnets, has gained notoriety for utilizing compromised routers to launch…
GeoServer RCE vulnerability: a threat to geospatial data infrastructure
GeoServer, an open-source Java-based server, enables the sharing and management of geospatial data. However, a critical vulnerability (CVE-2024-36401) has emerged,…
Veeam software vulnerabilities: urgent action required for enhanced cybersecurity
Veeam Software, a renowned provider of data protection solutions, has recently disclosed the discovery of several critical and high-severity vulnerabilities…
SonicWall alerts to critical access control flaw actively targeted
As a cybersecurity expert, I’m here to alert you to a critical vulnerability (CVE-2024-40766) affecting SonicWall Firewall products. This improper…
Persistent backdoors via Linux pluggable authentication modules: a new threat
Recent research by the Group-IB Digital Forensics and Incident Response (DFIR) team has revealed a novel technique exploiting Linux’s Pluggable…
Critical Progress LoadMaster vulnerability: unauthenticated code execution
A severe vulnerability (CVE-2024-7591) has been discovered in the Progress LoadMaster product line, including all releases and the Multi-Tenant (MT)…