CYBER Threat Intelligence Reports
LATEST CTIs
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1709 and CVE-2024-1708)
Sophos X-Ops warns of critical vulnerabilities in ConnectWise ScreenConnect, affecting versions prior to 23.9.8. CVE-2024-1709 and CVE-2024-1708 pose severe risks, enabling remote code execution and…
Read more >
Urgent Security Alert: SQL Injection Vulnerability in WordPress Ultimate Member Plugin (CVE-2024-1071)
A critical SQL Injection vulnerability, CVE-2024-1071, affects the Ultimate Member WordPress plugin versions 2.1.3 to 2.8.2, impacting over 200,000 sites. Update to version 2.8.3 immediately…
Read more >
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird to Address Critical Vulnerabilities
On February 21, 2024, Mozilla released critical security updates for Firefox, Firefox ESR, and Thunderbird to address vulnerabilities that could allow cyber threat actors to…
Read more >
Vulnerability in RSS Aggregator by Feedzy Plugin (CVE-2024-1317)
The RSS Aggregator by Feedzy plugin for WordPress has a vulnerability (CVE-2024-1317) in versions up to 4.4.2, allowing SQL injection attacks by authenticated users with…
Read more >
Security Flaw in VMware’s Enhanced Authentication Plugin (EAP) Puts Active Directory at Risk
VMware urges users to uninstall the Enhanced Authentication Plugin (EAP) due to a critical flaw (CVE-2024-22245, CVSS score: 9.6) that compromises Active Directory. A related…
Read more >
Urge in Banking Malware Campaign Abusing Google Cloud Run
A rise in banking malware campaigns exploiting Google Cloud Run has been detected, spreading Trojans like Astaroth, Mekiotio, and Ousaban across Latin America, Europe, and…
Read more >
