CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2024-7772 & CVE-2024-7781: RCE and Account Takeover Vulnerabilities in Jupiter X Core Plugin Put 90,000+ WordPress Sites at Risk
Two critical vulnerabilities in the Jupiter X Core plugin (CVE-2024-7772 & CVE-2024-7781) expose over 90,000 WordPress sites to remote code execution and account takeover risks—immediate…
Read more >
CVE-2024-8275: SQL Injection Vulnerability in ‘The Events Calendar’ Plugin Puts 700,000+ WordPress Sites at Risk
A critical SQL injection vulnerability (CVE-2024-8275) in The Events Calendar plugin allows unauthenticated attackers to execute arbitrary SQL commands, risking data exposure and database integrity…
Read more >
Iranian Nation-State Threat Actors Targeting Critical Infrastructure: Tactics and Mitigations
In a joint advisory issued on October 16, 2024, cybersecurity and intelligence agencies from the U.S., Canada, Australia, and allied partners warn of a sustained…
Read more >
High-Risk Vulnerabilities Discovered in Splunk Enterprise CVE-2024-45731, CVE-2024-45732, CVE-2024-45733
New vulnerabilities have been discovered affecting older versions of Splunk Enterprise, a popular platform for data analysis, monitoring, and security operations. These vulnerabilities, if exploited,…
Read more >
CISA: Active Exploitation of SolarWinds HelpDesk Software Vulnerability (CVE-2024-28987)
A critical vulnerability in SolarWinds Web Help Desk (WHD) software, originally discovered in August, is confirmed to being under active exploitation. Tracked as CVE-2024-28987, this…
Read more >
Supply Chain Attacks Exploit Entry Points in Python, npm, and Other Open-Source Ecosystems
Supply chain attacks are exploiting entry points in open-source ecosystems like Python and npm to inject malicious code and compromise developer environments.
Read more >
