CYBER Threat Intelligence Reports
LATEST CTIs
Urgent Security Alert: SQL Injection Vulnerability in WordPress Ultimate Member Plugin (CVE-2024-1071)
A critical SQL Injection vulnerability, CVE-2024-1071, affects the Ultimate Member WordPress plugin versions 2.1.3 to 2.8.2, impacting over 200,000 sites. Update to version 2.8.3 immediately…
Read more >
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird to Address Critical Vulnerabilities
On February 21, 2024, Mozilla released critical security updates for Firefox, Firefox ESR, and Thunderbird to address vulnerabilities that could allow cyber threat actors to…
Read more >
Vulnerability in RSS Aggregator by Feedzy Plugin (CVE-2024-1317)
The RSS Aggregator by Feedzy plugin for WordPress has a vulnerability (CVE-2024-1317) in versions up to 4.4.2, allowing SQL injection attacks by authenticated users with…
Read more >
Security Flaw in VMware’s Enhanced Authentication Plugin (EAP) Puts Active Directory at Risk
VMware urges users to uninstall the Enhanced Authentication Plugin (EAP) due to a critical flaw (CVE-2024-22245, CVSS score: 9.6) that compromises Active Directory. A related…
Read more >
Urge in Banking Malware Campaign Abusing Google Cloud Run
A rise in banking malware campaigns exploiting Google Cloud Run has been detected, spreading Trojans like Astaroth, Mekiotio, and Ousaban across Latin America, Europe, and…
Read more >
“Helpdesk Support” Phishing Campaign Compromising Outlook Credentials
The "Helpdesk Support" phishing campaign targets Outlook users with deceptive emails, leading to fake login pages that steal credentials. To combat this threat, the Italian…
Read more >
