CYBER Threat Intelligence Reports
LATEST CTIs
CISA Adds CVE-2024-27198 to Known Exploited Vulnerabilities Catalog
CISA has added CVE-2024-27198, an authentication bypass vulnerability in JetBrains TeamCity, to its Known Exploited Vulnerabilities Catalog. Organizations are urged to update to TeamCity version…
Read more >
CISA Advisory: Apple Security Updates for Multiple Products
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding security updates released by Apple for multiple products, including Safari, macOS, watchOS, tvOS,…
Read more >
“Spinning YARN” Cyberattacks Target Cloud Servers Running Apache Hadoop, Atlassian Confluence, Docker, and Redis
The "Spinning YARN" cyberattack campaign targets cloud servers running Apache Hadoop, Atlassian Confluence, Docker, and Redis. Attackers exploit common misconfigurations and a known Confluence vulnerability…
Read more >
VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws
VMware has released security patches for four vulnerabilities in ESXi, Workstation, and Fusion. Critical flaws CVE-2024-22252 and CVE-2024-22253, use-after-free vulnerabilities in the XHCI USB controller,…
Read more >
CISA: Active Exploitation of Windows Kernel Vulnerability (CVE-2024-21338)
A high-severity Windows Kernel vulnerability (CVE-2024-21338) is being actively exploited, granting attackers SYSTEM-level access on affected systems. The Lazarus group, linked to North Korea, has…
Read more >
CVE-2023-50378 Apache Ambari Stored Cross-Site Scripting Vulnerability
The security flaw CVE-2023-50378 in Apache Ambari, a Hadoop cluster management tool, is a stored cross-site scripting (XSS) vulnerability that allows attackers to inject malicious…
Read more >
