CYBER Threat Intelligence Reports


Trojanized jQuery Uncovered in Widespread NPM Supply Chain Attack

A sophisticated supply chain attack targeting the jQuery library has been uncovered, involving trojanized versions distributed through npm, GitHub, and jsDelivr. The malicious code, inserted…

Read more >

Source Code Disclosure Flaw Patched in Apache HTTP Server (CVE-2024-39884)

The Apache Software Foundation has released Apache HTTP Server version 2.4.61 to address a critical source code disclosure vulnerability (CVE-2024-39884). Rated as "Important," this flaw…

Read more >

RCE Vulnerability (CVE-2024-39943) Found in HTTP File Server

A critical vulnerability (CVE-2024-39943) has been identified in HFS (HTTP File Server), exposing systems to remote code execution (RCE). Affecting versions before 0.52.10 on Linux,…

Read more >

BGP Hijacking and Route Leak Disrupt Cloudflare’s DNS Service

Cloudflare’s popular DNS resolver service experienced disruptions on June 27, 2024, due to BGP hijacking and a route leak by Brazilian networks Eletronet and…

Read more >

Code Injection Vulnerability in MongoDB Compass (CVE-2024-6376)

A critical security vulnerability, CVE-2024-6376, has been discovered in MongoDB Compass, exposing systems to code injection risks. Due to insufficient sandbox protection in the ejson…

Read more >

Malicious npm Package “legacyreact-aws-s3-typescript” Backdoors AWS Users

A malicious npm package, "legacyreact-aws-s3-typescript," mimicking a legitimate Amazon S3 tool, was found to contain a backdoor allowing remote attackers to execute commands and gain…

Read more >

Cybersecurity Best Practice

Under Cyber Attack?

Fill out the form and we will contact you immediately.