A new threat has emerged, targeting the very core of Linux systems around the globe. This peril, identified as CVE-2023-6817, lurks within the NetFilter subsystem of the Linux kernel, a critical component that governs...
In the ever-evolving landscape of cybersecurity, a new threat has emerged, known as the Terrapin attack. This sophisticated cyber assault targets the SSH (Secure Shell) protocol, a widely used standard for secure network services...
In the ever-evolving landscape of cyber security, the discovery of vulnerabilities within widely-used software systems is not uncommon. The latest to join this list is Apache Doris, an MPP (Massively Parallel Processing) architecture-based analytical...
A critical security flaw has been discovered in 3CX’s VoIP software, prompting the company to urge customers to disable their CRM integrations immediately. While details remain under wraps, the potential for a data breach...
A team of vigilant researchers at Microsoft uncovered a critical Remote Code Execution (RCE) vulnerability in Perforce Helix Core Server, a widely used source code management platform in industries including video games, government, military,...
In the intricate world of web and RPC frameworks, Apache Dubbo stands out as a beacon for enterprise-level microservices, renowned for its simplicity, high performance, and a suite of features that ensure seamless service...
The Chinese cybersecurity firm QiAnXin has identified a new campaign by the Lazarus group, which employs npm packages to launch supply chain attacks through a multi-tiered loading method to conceal the traces of their...
pfSense, the popular open-source firewall solution, has recently been patched for three critical vulnerabilities that could have allowed attackers to gain remote access to your network. These flaws, discovered by security researchers at SonarCloud,...
Fortinet issued a security advisory on December 12th, disclosing multiple vulnerabilities affecting its products, including one classified as Critical. The advisory revealed twelve vulnerabilities across various products, particularly in their FortiOS operating system. Among...
Critical vulnerabilities in Delta Electronics’ Operational Technology (OT) monitoring product could enable hackers to conceal their activities from the staff of the targeted organization. The issue affects a Delta product named InfraSuite Device Master,...
LibreOffice, the popular free and open-source office suite, has recently been patched for two critical vulnerabilities that could put user data at risk. CVE-2023-6185 and CVE-2023-6186 vulnerabilities could allow attackers to gain control of...
In the ever-evolving landscape of cyber threats, the Lazarus Group stands as a formidable name, notorious for its sophisticated attacks and elusive tactics. Recently, Cisco Talos discovered their new campaign, dubbed “Operation Blacksmith,” has...
Attention WordPress users! A critical security vulnerability has been discovered in the Backup Migration plugin, impacting over 90,000 websites. This vulnerability, known as CVE-2023-6553 and rated 9.8/10 in severity, allows attackers to take complete...
The United States National Vulnerability Database (NVD) added Bitcoin to its list on December 9th, highlighting a protocol vulnerability that facilitated the development of the Ordinals Protocol in 2022. This flaw has been assigned...
PyInstaller, a popular tool for packaging Python applications, has been harboring a vulnerability that could allow unprivileged attackers to escalate their privileges and gain control of your system. This vulnerability, identified as CVE-2023-49797 with...
Microsoft has released a critical security update for its Edge browser. This update addresses multiple vulnerabilities that could be exploited by attackers to gain access to your system, steal sensitive information, or even take...
