New Apache Tomcat Vulnerabilities Let Attackers Execute Remote Code
Two critical vulnerabilities have been discovered in Apache Tomcat, the popular open-source web server, and servlet container, potentially allowing attackers...
Read more →Category: CyberSecurityNews
Microsoft Sentinel Launched Agentless Integration for SAP Security
With critical SAP vulnerabilities being weaponized within 72 hours of a patch release, and unprotected SAP applications provisioned in cloud...
Read more →
Beware Of Malicious SharePoint Notifications Delivering Xloader Malware
A sophisticated phishing campaign exploiting fake Microsoft SharePoint notifications to distribute the Xloader malware. This malicious operation, recently intercepted by...
Read more →
Hackers Exploit Google Calendar & Google Drawings in Phishing Campaigns
Google Calendar, with over 500 million active users worldwide and availability in 41 languages, has long been celebrated for its...
Read more →
Google’s New XRefer Tool to Analyze More Complex Malware Samples
Google’s Mandiant FLARE team has unveiled XRefer, a cutting-edge tool designed to streamline the complex process of malware analysis. This...
Read more →
CISA Issues Best Practices to Secure Microsoft 365 Cloud Environments
The Cybersecurity and Infrastructure Security Agency (CISA) has released Binding Operational Directive (BOD) 25-01, mandating federal civilian agencies to enhance...
Read more →
New DDoS Malware “cShell” Exploit Linux Tools to Attack SSH Servers
The AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware, named cShell, targeting poorly managed Linux...
Read more →
Critical RCE Vulnerability in Apache Struts Actively Exploited using Public PoC
A critical security vulnerability has been identified in Apache Struts, a popular open-source framework for building Java-based web applications actively...
Read more →
FBI Warns Of HiatusRAT Attacking Web Cameras And DVRs To Gain Full Access
The Federal Bureau of Investigation (FBI) has issued a Private Industry Notification (PIN) alerting cybersecurity professionals and system administrators about...
Read more →
Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access
Researchers uncovered new security vulnerabilities in the Azure Data Factory Apache Airflow integration dubbed “Dirty DAG”, which allow attackers to...
Read more →
RCE Vulnerability in 1,000,000 WordPress Sites Lets Hackers Take Full Control
A critical Remote Code Execution (RCE) vulnerability (CVE-2024-6386), affecting over 1,000,000 active installations of the WordPress Multilingual Plugin (WPML). This...
Read more →
Hackers Exploit Microsoft Management Console to Drop Backdoor on Windows
Securonix Threat Research team has uncovered a sophisticated tax-related phishing campaign that employs Microsoft Common Console Document (MSC) files and...
Read more →