An independent cybersecurity researcher has released a Proof-of-Concept (PoC) exploit for the RCE vulnerability CVE-2023-46214 in the widely used data monitoring and analysis system Splunk, specifically in its corporate product, Enterprise. This exploit enables...
Apache Tomcat, a popular open-source Java web application server, has been found to harbor a critical vulnerability that could allow attackers to execute arbitrary code on affected servers. This vulnerability, dubbed CVE-2023-46589, has been...
Apache Superset, a popular open-source data visualization and exploration platform, has recently been identified as harboring three critical security vulnerabilities. These vulnerabilities pose a significant risk to organizations that rely on Apache Superset to...
Popular PDF reader Foxit Reader has been found to harbor multiple security vulnerabilities that could allow attackers to remotely execute malicious code on vulnerable systems. These vulnerabilities, discovered by researchers from Cisco’s Talos Vulnerability...
In a worrying turn of events, a critical security vulnerability has been discovered in WPS Office, a popular productivity suite used by millions of individuals and organizations worldwide. This vulnerability tracked as CVE-2023-31275 and...
One of the most popular tools for hacking cryptocurrency wallets, Inferno Drainer, announced its definitive closure. On November 26, the service team, in a statement published on Telegram, declared that “time for us to...
On November 22, hackers launched a sophisticated cyberattack against CTS, the largest provider of managed IT services in the United Kingdom. The incident resulted in significant disruptions for numerous legal firms and severely undermined...
Perl, a versatile and widely used programming language, has been a mainstay in the developer’s toolkit for decades. However, like any software, Perl is not immune to vulnerabilities. Recently, two critical security flaws were...
In today’s hyperconnected world, portable hotspots have become indispensable tools for staying connected on the go. However, these devices are not immune to security vulnerabilities, and one such vulnerability has been discovered in the...
Security researcher Matei “Mal” Badanoiu disclosed the proof-of-concept (PoC) of a patched vulnerability that was tracked as CVE-2023-34468 and has been found to impact Apache NiFi. Assigned a CVSS score of 8.8, the flaw...
Apache DolphinScheduler is a popular open-source workflow management platform that is widely used by enterprises to orchestrate and manage complex data processing pipelines. Recently, a critical vulnerability, CVE-2023-48796, was discovered in Apache DolphinScheduler that...
Trend Micro has uncovered a malicious Chrome extension named ParaSiteSnatcher, primarily targeting users in Latin America, specifically in Brazil. This extension empowers malefactors to track, manipulate, and purloin sensitive information from various sources, encompassing financial...
Recently, Cisco’s Talos intelligence group unveiled critical vulnerabilities in Adobe Acrobat Reader, a widely used PDF tool. These vulnerabilities, if exploited, could lead to arbitrary code execution, compromising the security and privacy of millions...
In the ever-evolving landscape of cyber threats, a new menace has emerged, capturing the attention of IBM X-Force researchers: the WailingCrab malware. Also known as WikiLoader, this multi-component malware has been evolving, especially in...
In the shadowy realm of cybersecurity, new threats emerge with alarming frequency, preying on unsuspecting users and jeopardizing their digital assets. Cyble Research and Intelligence Labs (CRIL) recently unearthed a disturbing discovery – a...
In the ever-evolving landscape of cybersecurity threats, ransomware remains a persistent and formidable adversary. Recently, Qualys Threat Research uncovered a cunning tactic employed by the Phobos ransomware family. This malicious software, known for its...
