CYBER Threat Intelligence Reports
LATEST CTIs
Jenkins CLI Vulnerability CVE-2024-23897 – A Critical Path to Remote Code Execution
Jenkins faces a severe threat from CVE-2024-23897, a critical CLI vulnerability enabling unauthorized file access and potential remote code execution. With a CVSS score of…

Critical GitLab Zero-Click Account Takeover Vulnerability Exposed
A critical vulnerability in GitLab, CVE-2023-7028, affects over 5,300 internet-facing instances, allowing attackers to execute zero-click account takeovers. This flaw enables unauthorized redirection of password…

Urgent Security Update: CVE-2024-0204 in Fortra GoAnywhere MFT – Critical Authentication Bypass Vulnerability
A critical vulnerability, CVE-2024-0204, has been discovered in Fortra's GoAnywhere Managed File Transfer (MFT) software, allowing unauthorized creation of administrative users and potentially leading to…

Alert: Apache ActiveMQ Flaw Exploited in Godzilla Web Shell Attacks (CVE-2023-46604)
A critical Apache ActiveMQ flaw, CVE-2023-46604, is being exploited to install the elusive Godzilla web shell on compromised systems. This high-severity vulnerability allows complete host…

Alert: Critical Atlassian Confluence RCE Flaw Exploited by Hackers (CVE-2023-22522, CVE-2023-22527)
Hackers are exploiting two critical RCE vulnerabilities in Atlassian Confluence, CVE-2023-22522 and CVE-2023-22527, with a recent surge in attacks particularly targeting versions prior to December…

CISA’s Advisory on Ivanti Vulnerabilities and Mitigation Challenges (CVE-2023-46805, CVE-2024-21887)
In response to critical vulnerabilities in Ivanti Connect Secure and Policy Secure, as detailed in CISA's advisory, Ivanti warns against making configuration changes post-mitigation, which…
