Facebook PrestaShop module exploited to steal credit cards

June 23, 2024 at 03:08PM

Hackers are exploiting a flaw in the pkfacebook module for PrestaShop to deploy a card skimmer and steal credit card details from vulnerable e-commerce sites. The flaw, tracked as CVE-2024-36680, allows SQL injection. Promokit claims the flaw was fixed, but Friends-Of-Presta warns of active exploitation and recommends specific …

Spatial Computing Hack Exploits Apple Vision Pro Flaw to Fill Room With Spiders, Bats

June 21, 2024 at 09:21AM

Apple classified a recently patched Vision Pro vulnerability as a DoS issue, but a researcher has demonstrated its potential for filling a room with spiders and bats. This exploit highlights the severity of the flaw, raising concerns about the security implications of spatial computing. …

Recent SolarWinds Serv-U Vulnerability Exploited in the Wild

June 21, 2024 at 09:21AM

Threat actors are exploiting a recently patched SolarWinds Serv-U vulnerability (CVE-2024-28995) using public proof-of-concept code, as reported by GreyNoise. The vulnerability allows unauthorized access to sensitive files on the host machine. Rapid7 published a technical writeup on successfully exploiting the issue, warning of its trivial exploitability. SolarWinds customers are urged …

SolarWinds Serv-U Vulnerability Under Active Attack – Patch Immediately

June 21, 2024 at 05:24AM

A high-severity flaw in SolarWinds Serv-U file transfer software (CVE-2024-28995, CVSS score: 8.6) allows attackers to read sensitive files. Security researcher Hussein Daher discovered the flaw, and a proof-of-concept exploit has been made available. Rapid7 described it as trivial to exploit. Users are urged to apply updates promptly to mitigate …

SolarWinds Serv-U path-traversal flaw actively exploited in attacks

June 20, 2024 at 11:54AM

Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability using publicly available proof-of-concept exploits. The CVE-2024-28995 flaw allows unauthenticated attackers to read arbitrary files from the filesystem. SolarWinds released a fix, but public exploits are available, making it crucial for administrators to apply the security updates promptly. …

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

June 20, 2024 at 10:58AM

Cybersecurity researchers have disclosed a now-patched security flaw in Phoenix SecureCore UEFI firmware affecting multiple Intel Core processor families. Tracked as CVE-2024-0762 with a CVSS score of 7.5, the “UEFIcanhazbufferoverflow” vulnerability allowed a local attacker to execute malicious code within the firmware, impacting devices using Phoenix SecureCore firmware on select …

Mailcow Mail Server Flaws Expose Servers to Remote Code Execution

June 19, 2024 at 04:03AM

Two security vulnerabilities in Mailcow, impacting versions prior to 2024-04, were disclosed by SonarSource. CVE-2024-30270 allows arbitrary code execution via path traversal, and CVE-2024-31204 enables cross-site scripting. Exploiting both could hijack admin sessions and execute arbitrary code. Mailcow users are urged to update to the latest version to mitigate these …

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

June 17, 2024 at 11:00AM

ASUS has released software updates to address critical security flaws in its routers, including an authentication bypass vulnerability (CVE-2024-3080) with a high CVSS score of 9.8 and a buffer overflow flaw (CVE-2024-3079). These vulnerabilities could allow remote attackers to execute arbitrary commands on specific router models. Users are advised to …

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

June 17, 2024 at 08:30AM

A suspected China-linked cyber espionage actor conducted a prolonged attack on an East Asian organization for three years, using legacy F5 BIG-IP appliances for internal command-and-control. Sygnia identified the threat, named Velvet Ant, as sophisticated and innovative, utilizing PlugX and DLL side-loading. The attack also involved disabling endpoint security software …

CISA Warns of Progress Telerik Vulnerability Exploitation

June 14, 2024 at 06:39AM

CISA warns federal agencies of ongoing exploitation of CVE-2024-4358, a recently patched authentication bypass vulnerability in Progress Software’s Telerik Report Server. The bug allows attackers to create a new administrator user, manipulate authentication tokens, and achieve remote code execution. CISA urges identifying and mitigating vulnerable instances within three weeks. Key …