CYBER Threat Intelligence Reports
LATEST CTIs
Active Exploitation of Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities (CVE-2023-46805, CVE-2024-21887)
CISA warns of active exploitation of Ivanti vulnerabilities CVE-2023-46805 and CVE-2024-21887, enabling attackers to steal credentials and move undetected within networks. Organizations are urged to…
Read more >
Unmasking CVE-2024-20253 – Critical-Risk RCE Vulnerability in Cisco Unified Communications Systems
The critical flaw CVE-2024-20253 in Cisco's systems presents a severe threat, allowing unauthenticated remote code execution. With a high severity score, it impacts multiple Cisco…
Read more >
Jenkins CLI Vulnerability CVE-2024-23897 – A Critical Path to Remote Code Execution
Jenkins faces a severe threat from CVE-2024-23897, a critical CLI vulnerability enabling unauthorized file access and potential remote code execution. With a CVSS score of…
Read more >
Critical GitLab Zero-Click Account Takeover Vulnerability Exposed
A critical vulnerability in GitLab, CVE-2023-7028, affects over 5,300 internet-facing instances, allowing attackers to execute zero-click account takeovers. This flaw enables unauthorized redirection of password…
Read more >
Urgent Security Update: CVE-2024-0204 in Fortra GoAnywhere MFT – Critical Authentication Bypass Vulnerability
A critical vulnerability, CVE-2024-0204, has been discovered in Fortra's GoAnywhere Managed File Transfer (MFT) software, allowing unauthorized creation of administrative users and potentially leading to…
Read more >
Alert: Apache ActiveMQ Flaw Exploited in Godzilla Web Shell Attacks (CVE-2023-46604)
A critical Apache ActiveMQ flaw, CVE-2023-46604, is being exploited to install the elusive Godzilla web shell on compromised systems. This high-severity vulnerability allows complete host…
Read more >
