CYBER Threat Intelligence Reports
LATEST CTIs
Authentication Bypass in Really Simple Security Plugin (CVE-2024-10924)
Critical authentication bypass in Really Simple Security plugin (CVE-2024-10924) allows admin account takeover via REST API; update to version 9.1.2 immediately to prevent exploitation.
Read more >
Sophisticated PHP Reinfector Malware Targets WordPress Sites
Advanced PHP reinfector malware targets WordPress via Houzez theme flaws (CVE-2024-22303, CVE-2024-21743), stealing credentials and embedding persistent backdoors; patch and secure immediately to mitigate threats.
Read more >
Newly Identified Exploited Vulnerabilities in Palo Alto Networks Expedition
Critical vulnerabilities in Palo Alto Networks Expedition (CVE-2024-9463 & CVE-2024-9465) enable command injection and data theft; update to version 1.2.96 immediately to mitigate active exploitation…
Read more >
Vulnerability in WP Time Capsule Plugin (CVE-2024-8856)
Critical vulnerability in WP Time Capsule plugin (CVE-2024-8856) allows unauthenticated file uploads, risking full site takeover; update to version 1.22.22 immediately to mitigate threats.
Read more >
Apache Airflow Vulnerability Exposes Sensitive Data in Logs (CVE-2024-45784)
Apache Airflow CVE-2024-45784 exposes sensitive data in logs, risking data breaches, system compromise, and lateral movement; update to version 2.10.3 immediately to secure your workflow.
Read more >
CVE-2024-51735: Cross-Site Scripting Vulnerability in the Osmedeus Offensive Security Tool
Osmedeus, a popular workflow engine used in offensive security, is impacted by a critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-51735). When users view results generated by…
Read more >
