Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

June 12, 2024 at 02:17PM Google released a significant Pixel security update addressing a zero-day vulnerability, CVE-2024-32896, that has been exploited in the wild. The update addresses 44 Pixel-specific vulnerabilities, including seven critical bugs. It also fixes issues in Qualcomm components. Additionally, a separate actively exploited Arm Mali GPU Kernel Driver flaw, tagged as CVE-2024-4610, has been highlighted. …

TellYouThePass Ransomware Group Exploits Critical PHP Flaw

June 12, 2024 at 11:50AM TellYouThePass, a ransomware group, is targeting businesses and individuals using open source Web development languages, exploiting a critical PHP vulnerability (CVE-2024-4577) for remote code execution. This allows them to execute arbitrary code on vulnerable servers, posing significant risks. They also use various attack techniques and exploit known vulnerabilities such as …

Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing

June 11, 2024 at 05:36PM Microsoft has issued urgent patches for critical vulnerabilities in its Windows operating system. The most severe flaw, CVE-2024-30080, allows for remote code execution in the Microsoft Message Queuing component. Additionally, there are numerous code execution issues in Microsoft Office, Windows services, and a remote code execution vulnerability in Windows WiFi …

POC exploit code published for 9.8-rated Apache HugeGraph RCE flaw

June 6, 2024 at 09:26PM Apache HugeGraph version 1.3.0 addresses a critical vulnerability (CVE-2024-27348) that could be exploited for remote command execution. Exploit code for the flaw is available, so it’s crucial for Java 8 and 11 users to upgrade to the fixed version to prevent potential security breaches and unauthorized access. Based on the meeting …

Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells

June 6, 2024 at 05:31PM Chinese threat actors are targeting vulnerable ThinkPHP applications, exploiting old flaws CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell allows further exploitation of breached endpoints, giving the attackers remote control, network scanning, and database access. Organizations are advised to update to ThinkPHP version 8.0 …

Details of Atlassian Confluence RCE Vulnerability Disclosed

June 4, 2024 at 10:15AM A high-severity vulnerability, tracked as CVE-2024-21683, allows remote code execution in Atlassian Confluence Data Center and Server. Identified by SonicWall, the flaw requires user privileges to add and upload a malicious language file. Atlassian has released patches, yet threat actors could still target this and other known vulnerabilities. Key takeaways …

Atlassian Confluence High-Severity Bug Allows Code Execution

June 3, 2024 at 05:09PM SonicWall Capture Labs found a high-severity remote code execution vulnerability (CVE-2024-21683) in Atlassian Confluence. It enables threat actors to execute arbitrary code with network access and macro language privileges. SonicWall released signatures to protect customers and warned about the available exploit code. Users are urged to upgrade due to Confluence …

TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks

May 28, 2024 at 02:45AM A critical security flaw, CVE-2024-5035, with a 10.0 CVSS score, was discovered in the TP-Link Archer C5400X router, allowing remote code execution. The flaw, patched in version 1_1.1.7, arises from a binary related to radio frequency testing that exposes a network listener. TP-Link’s fix blocks commands with special characters. Other undisclosed vulnerabilities …

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

May 23, 2024 at 05:39AM Ivanti has released fixes for multiple critical security flaws in Endpoint Manager (EPM), addressing SQL injection vulnerabilities and high-severity security flaws in other products. Additionally, a critical flaw in the open-source Genie federated Big Data orchestration and execution engine has been disclosed, posing a risk for remote code execution. The …

Critical Netflix Genie Bug Opens Big Data Orchestration to RCE

May 22, 2024 at 09:03AM Netflix has patched a critical vulnerability in its open source Genie job orchestration engine, designated as CVE-2024-4701. Remote attackers could potentially execute arbitrary code, exploiting a file upload process. The bug is present in Genie OSS versions prior to 4.3.18. Organizations are urged to upgrade to the fixed version to …