September 27, 2024 at 09:24AM New security vulnerabilities in CUPS on Linux systems permit remote command execution. Attackers can exploit these issues to install fake printers and execute malicious code, potentially leading to data theft or system damage. The vulnerabilities affect RHEL but do not impact Palo Alto Networks products. Patches are forthcoming, and temporary … Read more
July 26, 2024 at 02:30AM Cybersecurity researchers have identified an ongoing campaign known as SeleniumGreed, targeting internet-exposed Selenium Grid services for illicit cryptocurrency mining. With the potential for remote command execution, Cloud security Wiz urges proper protection measures, as misconfigured instances pose significant security risks. The threat actor’s identity remains unknown, emphasizing the need for … Read more
April 16, 2024 at 03:57PM Ivanti released security updates to address 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, including critical heap overflows enabling remote command execution. Additionally, 25 medium and high-severity bugs were patched, fixing issues such as denial-of-service attacks and remote code execution. Users are advised to update to the latest … Read more
April 9, 2024 at 11:37AM Bitdefender researchers discovered four critical vulnerabilities in LG WebOS used in smart TVs, allowing unauthorized access and control. Exploiting these flaws, attackers can bypass authorization, gain root access, execute arbitrary commands, and create arbitrary accounts using a PIN. LG took five months to release security updates, emphasizing the importance of … Read more
January 5, 2024 at 12:38PM Security researchers have identified critical vulnerabilities, CVE-2023-33246 and CVE-2023-37582, in Apache RocketMQ. Despite an initial patch, these vulnerabilities remain active, impacting the NameServer component in RocketMQ version 5.1 and older. Attackers can exploit these flaws to execute commands and should upgrade to version 5.1.2/4.9.7 or higher to prevent attacks. ShadowServer … Read more