CYBER Threat Intelligence Reports
LATEST CTIs
Vulnerability in Jetpack Plugin (Affects 27M+ WordPress Sites): Immediate Update Required to Prevent Data Exposure
A critical vulnerability in the Jetpack plugin’s Contact Form feature affects 27M+ WordPress sites, risking unauthorized data access—update to version 13.9.1 immediately to secure sensitive…
Read more >
CVE-2024-47374: Stored XSS Vulnerability in LiteSpeed Cache Plugin Puts 6M+ WordPress Sites at Risk
A high-severity stored XSS vulnerability (CVE-2024-47374) in the LiteSpeed Cache plugin allows unauthenticated script injection on over 6 million WordPress sites—update to version 6.5.1 immediately…
Read more >
CVE-2024-7772 & CVE-2024-7781: RCE and Account Takeover Vulnerabilities in Jupiter X Core Plugin Put 90,000+ WordPress Sites at Risk
Two critical vulnerabilities in the Jupiter X Core plugin (CVE-2024-7772 & CVE-2024-7781) expose over 90,000 WordPress sites to remote code execution and account takeover risks—immediate…
Read more >
CVE-2024-8275: SQL Injection Vulnerability in ‘The Events Calendar’ Plugin Puts 700,000+ WordPress Sites at Risk
A critical SQL injection vulnerability (CVE-2024-8275) in The Events Calendar plugin allows unauthenticated attackers to execute arbitrary SQL commands, risking data exposure and database integrity…
Read more >
Iranian Nation-State Threat Actors Targeting Critical Infrastructure: Tactics and Mitigations
In a joint advisory issued on October 16, 2024, cybersecurity and intelligence agencies from the U.S., Canada, Australia, and allied partners warn of a sustained…
Read more >
High-Risk Vulnerabilities Discovered in Splunk Enterprise CVE-2024-45731, CVE-2024-45732, CVE-2024-45733
New vulnerabilities have been discovered affecting older versions of Splunk Enterprise, a popular platform for data analysis, monitoring, and security operations. These vulnerabilities, if exploited,…
Read more >
