CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2024-5921: GlobalProtect App Vulnerability
CVE-2024-5921: Critical vulnerability in Palo Alto Networks’ GlobalProtect app allows unauthorized root certificate installation and malware deployment—update to secure versions immediately
Read more >
PHP Multi-Vulnerability Advisory (CVE-2024-8932, CVE-2024-8929, Others)
PHP Multi-Vulnerability Advisory: Critical flaws in PHP (CVE-2024-8932, CVE-2024-8929, others) expose systems to arbitrary code execution, data leakage, and DoS—urgent updates to versions 8.1.31, 8.2.26,…
Read more >
CVE-2024-10542 & CVE-2024-10781: Anti-Spam by CleanTalk Plugin Vulnerabilities
CVE-2024-10542 & CVE-2024-10781: Critical vulnerabilities in the Anti-Spam by CleanTalk plugin expose over 200,000 WordPress sites to remote code execution and unauthorized access—urgent updates required.
Read more >
Chinese Hackers Actively Exploiting Unpatched Fortinet VPN Vulnerability
Security researchers have identified a Chinese state-sponsored threat group, dubbed "BrazenBamboo," actively exploiting an unpatched zero-day vulnerability in Fortinet's FortiClient Windows VPN client. The vulnerability…
Read more >
Multiple High-Risk Vulnerabilities in Ivanti Endpoint Manager Affecting All Versions Before November 2024 Security Update
Ivanti has disclosed a total of 18 new vulnerabilities in its Endpoint Manager software, which affect all versions of the software prior to the November…
Read more >
Authentication Bypass in Really Simple Security Plugin (CVE-2024-10924)
Critical authentication bypass in Really Simple Security plugin (CVE-2024-10924) allows admin account takeover via REST API; update to version 9.1.2 immediately to prevent exploitation.
Read more >
