CYBER Threat Intelligence Reports
LATEST CTIs
Ivanti EPM SQL Injection Flaw Allows Remote Code Execution
Ivanti EPM users must urgently update to mitigate CVE-2024-29824, a critical SQL injection flaw enabling remote code execution via the RecordGoodApp function.
Read more >
256,000+ Publicly Exposed Windows Servers Vulnerable to MSMQ RCE Flaw
256,000+ Windows Servers Vulnerable to Critical MSMQ RCE Flaw (CVE-2024-30080) Pose Significant Global Security Threat.
Read more >
PHP Vulnerability Exposes Millions of Servers to RCE (CVE-2024-4577)
A critical PHP vulnerability (CVE-2024-4577) allows unauthenticated attackers to perform RCE, necessitating immediate updates and vigilant monitoring to protect affected servers.
Read more >
Cisco Finesse Vulnerabilities Open Door to Attacks (CVE-2024-20404, CVE-2024-20405)
Cisco Finesse vulnerabilities (CVE-2024-20404 and CVE-2024-20405) allow unauthenticated, remote attackers to perform SSRF and XSS attacks, necessitating immediate software updates and enhanced monitoring.
Read more >
Targeted Identity-Based Attacks on Snowflake Customers: Potential Triggers and Response
Snowflake is investigating targeted identity-based attacks exploiting customer credentials. On May 31st, 2024, Snowflake, CrowdStrike, and Mandiant confirmed the investigation, finding no vulnerabilities in Snowflake’s…
Read more >
CVE-2024-3820 in wpDataTables Puts 70,000 WordPress Sites at Risk
A critical SQL injection vulnerability (CVE-2024-3820, CVSS 10) in the wpDataTables WordPress plugin has put 70,000 sites at risk. Discovered by security researcher villu164, the…
Read more >
