Multiple SonicWall Vulnerabilities Let Attackers Execute Remote Code
72 Hours to Audit-Ready API Security APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API…
Category: GBHackers
Rockwell Automation Warns of Multiple Code Execution Vulnerabilities in Arena
Rockwell Automation has issued a critical security advisory addressing multiple remote code execution (RCE) vulnerabilities discovered in its Arena® software. These vulnerabilities, reported by the…
Django Security Update, Patch for DoS & SQL Injection Vulnerability
The Django team has issued critical security updates for versions 5.1.4, 5.0.10, and 4.2.17. These updates address two vulnerabilities: a potential denial-of-service (DoS) attack in…
Researchers Released hrtng IDA Pro Plugin for Malware Analyst to Make Reverse Engineering Easy
The Global Research and Analysis Team (GReAT) has announced the release of hrtng, a cutting-edge plugin for IDA Pro, one of the most prominent tools for reverse…
Europol Dismantled 50+ Servers Used For Fake Online Shopping Websites
Europol, in collaboration with law enforcement across Europe, has taken down a sophisticated cybercriminal network responsible for large-scale online fraud. Over 50 servers were seized,…
Multiple ICS Advisories Released by CISA Detailing Exploits & Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has released two advisories highlighting significant security vulnerabilities in Industrial Control Systems (ICS) software and hardware. These vulnerabilities,…
Windows NTLM Zero-Day Vulnerability Exposes User Credentials
A critical zero-day vulnerability affecting all modern Windows Workstation and Server versions has been discovered. The flaw enables attackers to steal NTLM credentials with minimal…
One Identity Named Winner of the Coveted Top InfoSec Innovator Awards for 2024 – GBHackers Security
One Identity named Hot Company: Privileged Access Management (PAM) in 12th Cyber Defense Magazine’s Annual InfoSec Awards during CyberDefenseCon 2024. One Identity proudly announces it…
Deloitte UK Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data
Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte of sensitive data. Emerging in June 2024, Brain Cipher has quickly…
Cisco NX-OS Flaw Let Attackers Bypass Image Signature Verification
A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially allowing attackers to bypass image signature verification. This flaw, which affects…
ChatGPT Next Web vulnerability Let Attackers exploit endpoint to Perform SSRF
Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the ChatGPT Next Web, popularly known as NextChat. This vulnerability has raised…
I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks
I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and UD-LT1/EX routers are being actively exploited. These vulnerabilities pose significant risks…