CYBER Threat Intelligence Reports
LATEST CTIs
Vulnerability in RSS Aggregator by Feedzy Plugin (CVE-2024-1317)
The RSS Aggregator by Feedzy plugin for WordPress has a vulnerability (CVE-2024-1317) in versions up to 4.4.2, allowing SQL injection attacks by authenticated users with…
Read more >
Security Flaw in VMware’s Enhanced Authentication Plugin (EAP) Puts Active Directory at Risk
VMware urges users to uninstall the Enhanced Authentication Plugin (EAP) due to a critical flaw (CVE-2024-22245, CVSS score: 9.6) that compromises Active Directory. A related…
Read more >
Urge in Banking Malware Campaign Abusing Google Cloud Run
A rise in banking malware campaigns exploiting Google Cloud Run has been detected, spreading Trojans like Astaroth, Mekiotio, and Ousaban across Latin America, Europe, and…
Read more >
“Helpdesk Support” Phishing Campaign Compromising Outlook Credentials
The "Helpdesk Support" phishing campaign targets Outlook users with deceptive emails, leading to fake login pages that steal credentials. To combat this threat, the Italian…
Read more >
Linux Kernel Flaw (CVE-2024-0646) Exposes Systems to Privilege Escalation
The CVE-2024-0646 vulnerability in the Linux Kernel's kTLS subsystem (CVSS 7.8) allows local users to escalate privileges or disrupt system operations. It arises from improper…
Read more >
CVE-2024-25600: WordPress’s Bricks Builder RCE Flaw Under Active Exploitation
The critical vulnerability CVE-2024-25600 in WordPress's Bricks Builder (CVSS score: 9.8) allows unauthenticated attackers to execute code on the server. This flaw is actively exploited,…
Read more >
