CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2023-50378 Apache Ambari Stored Cross-Site Scripting Vulnerability
The security flaw CVE-2023-50378 in Apache Ambari, a Hadoop cluster management tool, is a stored cross-site scripting (XSS) vulnerability that allows attackers to inject malicious…
Read more >
Microsoft Resolves Outlook Sync Issue Over Exchange ActiveSync
Microsoft has addressed a synchronization issue affecting some Microsoft 365 users' Outlook desktop clients, which prevented them from connecting to email servers via Exchange ActiveSync…
Read more >
Addition of CVE-2023-29360 to CISA’s Known Exploited Vulnerabilities Catalog
CISA has updated its Known Exploited Vulnerabilities Catalog with CVE-2023-29360, a vulnerability in Microsoft Streaming Service. This addition, based on evidence of active exploitation, highlights…
Read more >
U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp
In a significant legal victory for Meta, a U.S. judge has ordered NSO Group to provide the source code for its Pegasus spyware, following a…
Read more >
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1709 and CVE-2024-1708)
Sophos X-Ops warns of critical vulnerabilities in ConnectWise ScreenConnect, affecting versions prior to 23.9.8. CVE-2024-1709 and CVE-2024-1708 pose severe risks, enabling remote code execution and…
Read more >
Urgent Security Alert: SQL Injection Vulnerability in WordPress Ultimate Member Plugin (CVE-2024-1071)
A critical SQL Injection vulnerability, CVE-2024-1071, affects the Ultimate Member WordPress plugin versions 2.1.3 to 2.8.2, impacting over 200,000 sites. Update to version 2.8.3 immediately…
Read more >
