CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2024-40075: XXE Vulnerability in Laravel v11.x
A critical XML External Entity (XXE) vulnerability, identified as CVE-2024-40075, has been discovered in Laravel v11.x, a widely used PHP web framework. Discovered by security researcher…

Trojanized jQuery Uncovered in Widespread NPM Supply Chain Attack
A sophisticated supply chain attack targeting the jQuery library has been uncovered, involving trojanized versions distributed through npm, GitHub, and jsDelivr. The malicious code, inserted…

Source Code Disclosure Flaw Patched in Apache HTTP Server (CVE-2024-39884)
The Apache Software Foundation has released Apache HTTP Server version 2.4.61 to address a critical source code disclosure vulnerability (CVE-2024-39884). Rated as "Important," this flaw…

RCE Vulnerability (CVE-2024-39943) Found in HTTP File Server
A critical vulnerability (CVE-2024-39943) has been identified in HFS (HTTP File Server), exposing systems to remote code execution (RCE). Affecting versions before 0.52.10 on Linux,…

BGP Hijacking and Route Leak Disrupt Cloudflare’s 1.1.1.1 DNS Service
Cloudflare’s popular 1.1.1.1 DNS resolver service experienced disruptions on June 27, 2024, due to BGP hijacking and a route leak by Brazilian networks Eletronet and…

Code Injection Vulnerability in MongoDB Compass (CVE-2024-6376)
A critical security vulnerability, CVE-2024-6376, has been discovered in MongoDB Compass, exposing systems to code injection risks. Due to insufficient sandbox protection in the ejson…
