CYBER Threat Intelligence Reports


0-Day Vulnerability in 10,000 Web Apps Exploited Using XSS Payloads

0-Day Vulnerability in 10,000 Web Apps Exploited Using XSS Payloads: A critical XSS vulnerability (CVE-2024-37629) in SummerNote 0.8.18 impacts over 10,000 web applications, allowing attackers…

Read more >

Ivanti EPM SQL Injection Flaw Allows Remote Code Execution

Ivanti EPM users must urgently update to mitigate CVE-2024-29824, a critical SQL injection flaw enabling remote code execution via the RecordGoodApp function.

Read more >

256,000+ Publicly Exposed Windows Servers Vulnerable to MSMQ RCE Flaw

256,000+ Windows Servers Vulnerable to Critical MSMQ RCE Flaw (CVE-2024-30080) Pose Significant Global Security Threat.

Read more >

PHP Vulnerability Exposes Millions of Servers to RCE (CVE-2024-4577)

A critical PHP vulnerability (CVE-2024-4577) allows unauthenticated attackers to perform RCE, necessitating immediate updates and vigilant monitoring to protect affected servers.

Read more >

Cisco Finesse Vulnerabilities Open Door to Attacks (CVE-2024-20404, CVE-2024-20405)

Cisco Finesse vulnerabilities (CVE-2024-20404 and CVE-2024-20405) allow unauthenticated, remote attackers to perform SSRF and XSS attacks, necessitating immediate software updates and enhanced monitoring.

Read more >

Targeted Identity-Based Attacks on Snowflake Customers: Potential Triggers and Response

Snowflake is investigating targeted identity-based attacks exploiting customer credentials. On May 31st, 2024, Snowflake, CrowdStrike, and Mandiant confirmed the investigation, finding no vulnerabilities in Snowflake’s…

Read more >

Cybersecurity Best Practice

Under Cyber Attack?

Fill out the form and we will contact you immediately.