CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2024-3246: LiteSpeed Cache Plugin Vulnerability Puts Millions of WordPress Sites at Risk
A critical CSRF vulnerability, CVE-2024-3246, has been discovered in the LiteSpeed Cache (LS Cache) WordPress plugin, affecting over five million sites. This flaw allows attackers…
Read more >
CVE-2024-40075: XXE Vulnerability in Laravel v11.x
A critical XML External Entity (XXE) vulnerability, identified as CVE-2024-40075, has been discovered in Laravel v11.x, a widely-used PHP web framework. Discovered by security researcher…
Read more >
Trojanized jQuery Uncovered in Widespread NPM Supply Chain Attack
A sophisticated supply chain attack targeting the jQuery library has been uncovered, involving trojanized versions distributed through npm, GitHub, and jsDelivr. The malicious code, inserted…
Read more >
Source Code Disclosure Flaw Patched in Apache HTTP Server (CVE-2024-39884)
The Apache Software Foundation has released Apache HTTP Server version 2.4.61 to address a critical source code disclosure vulnerability (CVE-2024-39884). Rated as "Important," this flaw…
Read more >
RCE Vulnerability (CVE-2024-39943) Found in HTTP File Server
A critical vulnerability (CVE-2024-39943) has been identified in HFS (HTTP File Server), exposing systems to remote code execution (RCE). Affecting versions before 0.52.10 on Linux,…
Read more >
BGP Hijacking and Route Leak Disrupt Cloudflare’s 1.1.1.1 DNS Service
Cloudflare’s popular 1.1.1.1 DNS resolver service experienced disruptions on June 27, 2024, due to BGP hijacking and a route leak by Brazilian networks Eletronet and…
Read more >
