49 unique zero-days Uncovered in Pwn2Own Automotive
On the final day of Pwn2Own Automotive 2024 – Day 3, researchers were granted $1,323,750 in rewards for identifying 49 distinct...
Read more →Category: CyberSecurityNews
Critical Jenkins Vulnerability Let Attackers Execute Remote Code
Jenkins is an open-source automation server that is based on Java used for continuous integration and continuous delivery processes. Threat...
Read more →
Unified Communications Flaw Let Attackers Execute Arbitrary Code
Cisco Unified Communications and Contact Center Solutions, known for their robustness, have recently been under scrutiny due to a critical...
Read more →
3000+ Posts on Dark Web to Use ChatGPT for Illegal Purposes
For the multitude of malicious activities, threat actors could exploit ChatGPT due to its conversational abilities, such as generating convincing...
Read more →
Chrome Flaw Let Attacker Corrupt Memory via Crafted HTML Page
Google has updated the Stable channels to 121.0.6167.85 for Mac and Linux and 121.0.6167.85/.86 for Windows as part of a...
Read more →
Researchers Awarded Over $1 Million in Pwn2Own Hacking Competition
At Pwn2Own Automotive 2024 Day 2, researchers were rewarded over $1 million for exploiting Tesla infotainment systems, Sony, Alphine players, Autel charging systems,...
Read more →
5379 GitLab Servers are Vulnerable to Zero-Click Takeover Attacks
GitLab has released important security fixes for versions 16.7.2, 16.6.4, and 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition...
Read more →
HP Hacked by Russian ‘Cozy Bear’ hacker Group
On December 12, 2023, Hewlett Packard Enterprise (HPE) received chilling news: the notorious nation-state actor Midnight Blizzard, also known as...
Read more →
Researchers Exploited Tesla & Sony in Pwn2Own Automotive
Pwn2Own 2024 Automotive is a unique event aimed at identifying and fixing flaws in connected automotive technologies. Tokyo, Japan, hosts...
Read more →
Python based WIREFIRE web shell Attacking Ivanti VPN
Recently, QuoIntelligence’s research team unearthed a previously undetected variant of the notorious WIREFIRE web shell, a Python-based implant targeting compromised...
Read more →
Mass Exploitation of Ivanti VPN Exposes Networks to Hack Attacks
It was previously reported that Ivanti Connect Secure was vulnerable to an authentication bypass (CVE-2023-46805) and a command injection vulnerability...
Read more →
Exploit Released for critical GoAnywhere MFT auth bypass
Fortra-owned GoAnywhere MFT (Managed File Transfer) has been discovered with a new vulnerability that could allow an unauthorized threat actor...
Read more →