CYBER Threat Intelligence Reports
LATEST CTIs
High-Risk Vulnerabilities in Iris DFIR Platform: Analysis and Mitigation (CVE-2024-25624 & CVE-2024-34060)
Two vulnerabilities in the Iris DFIR platform—CVE-2024-25624 (High-Risk SSTI, CVSS: 6.8) and CVE-2024-34060 (High-Risk Arbitrary File Write, CVSS: 8.8)—pose significant security risks by allowing remote…
Read more >
0-Day Vulnerability in 10,000 Web Apps Exploited Using XSS Payloads
0-Day Vulnerability in 10,000 Web Apps Exploited Using XSS Payloads: A critical XSS vulnerability (CVE-2024-37629) in SummerNote 0.8.18 impacts over 10,000 web applications, allowing attackers…
Read more >
Ivanti EPM SQL Injection Flaw Allows Remote Code Execution
Ivanti EPM users must urgently update to mitigate CVE-2024-29824, a critical SQL injection flaw enabling remote code execution via the RecordGoodApp function.
Read more >
256,000+ Publicly Exposed Windows Servers Vulnerable to MSMQ RCE Flaw
256,000+ Windows Servers Vulnerable to Critical MSMQ RCE Flaw (CVE-2024-30080) Pose Significant Global Security Threat.
Read more >
PHP Vulnerability Exposes Millions of Servers to RCE (CVE-2024-4577)
A critical PHP vulnerability (CVE-2024-4577) allows unauthenticated attackers to perform RCE, necessitating immediate updates and vigilant monitoring to protect affected servers.
Read more >
Cisco Finesse Vulnerabilities Open Door to Attacks (CVE-2024-20404, CVE-2024-20405)
Cisco Finesse vulnerabilities (CVE-2024-20404 and CVE-2024-20405) allow unauthenticated, remote attackers to perform SSRF and XSS attacks, necessitating immediate software updates and enhanced monitoring.
Read more >
