CYBER Threat Intelligence Reports
LATEST CTIs
0-Day Vulnerability in 10,000 Web Apps Exploited Using XSS Payloads
0-Day Vulnerability in 10,000 Web Apps Exploited Using XSS Payloads: A critical XSS vulnerability (CVE-2024-37629) in SummerNote 0.8.18 impacts over 10,000 web applications, allowing attackers…
Read more >
Ivanti EPM SQL Injection Flaw Allows Remote Code Execution
Ivanti EPM users must urgently update to mitigate CVE-2024-29824, a critical SQL injection flaw enabling remote code execution via the RecordGoodApp function.
Read more >
256,000+ Publicly Exposed Windows Servers Vulnerable to MSMQ RCE Flaw
256,000+ Windows Servers Vulnerable to Critical MSMQ RCE Flaw (CVE-2024-30080) Pose Significant Global Security Threat.
Read more >
PHP Vulnerability Exposes Millions of Servers to RCE (CVE-2024-4577)
A critical PHP vulnerability (CVE-2024-4577) allows unauthenticated attackers to perform RCE, necessitating immediate updates and vigilant monitoring to protect affected servers.
Read more >
Cisco Finesse Vulnerabilities Open Door to Attacks (CVE-2024-20404, CVE-2024-20405)
Cisco Finesse vulnerabilities (CVE-2024-20404 and CVE-2024-20405) allow unauthenticated, remote attackers to perform SSRF and XSS attacks, necessitating immediate software updates and enhanced monitoring.
Read more >
Targeted Identity-Based Attacks on Snowflake Customers: Potential Triggers and Response
Snowflake is investigating targeted identity-based attacks exploiting customer credentials. On May 31st, 2024, Snowflake, CrowdStrike, and Mandiant confirmed the investigation, finding no vulnerabilities in Snowflake’s…
Read more >
