CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2024-4041: XSS Vulnerability in Yoast SEO Plugin
A critical security vulnerability, designated CVE-2024-4041, has been discovered in the Yoast SEO plugin used on over 5 million WordPress sites. This reflected Cross-Site Scripting…
Read more >
“Mal.Metrica” Malware Rampantly Exploiting WordPress to Compromise Over 17,000 Sites
The Mal.Metrica malware is actively exploiting WordPress vulnerabilities, impacting more than 17,000 sites. This malware deceives users with fake CAPTCHA prompts leading to scam-ridden sites,…
Read more >
XSS Vulnerability in WordPress Core (CVE-2024-4439)
A severe stored Cross-Site Scripting (XSS) vulnerability, CVE-2024-4439, has been discovered in WordPress versions up to 6.5.2, particularly affecting the Avatar block. This vulnerability allows…
Read more >
Widespread Attack on WordPress Sites via LiteSpeed Cache Plugin Exploit (CVE-2023-40000)
Hackers are exploiting a critical vulnerability, CVE-2023-40000, in the LiteSpeed Cache Plugin for WordPress, impacting over 5 million websites. This flaw allows unauthorized administrative account…
Read more >
CVE-2024-2848 in Responsive WordPress Theme
A critical vulnerability, CVE-2024-2848, has been detected in the Responsive WordPress theme, affecting over 30,000 sites. This flaw allows attackers to inject malicious HTML into…
Read more >
Security Flaws Uncovered in node-mysql2 Database Library
Security flaws in the node-mysql2 library pose severe risks to millions of applications. Key vulnerabilities, CVE-2024-21508 and CVE-2024-21511, allow remote code execution, potentially giving attackers…
Read more >
