CYBER Threat Intelligence Reports
LATEST CTIs
RCE Vulnerability in GiveWP Plugin (CVE-2024-9634) Exposes 100,000+ WordPress Sites to Complete Takeover
CVE-2024-9634, a critical RCE vulnerability in the GiveWP plugin, enables unauthenticated code execution on 100,000+ WordPress sites—update to version 3.16.4 immediately to prevent site takeover…
Read more >
Vulnerability in Jetpack Plugin (Affects 27M+ WordPress Sites): Immediate Update Required to Prevent Data Exposure
A critical vulnerability in the Jetpack plugin’s Contact Form feature affects 27M+ WordPress sites, risking unauthorized data access—update to version 13.9.1 immediately to secure sensitive…
Read more >
CVE-2024-47374: Stored XSS Vulnerability in LiteSpeed Cache Plugin Puts 6M+ WordPress Sites at Risk
A high-severity stored XSS vulnerability (CVE-2024-47374) in the LiteSpeed Cache plugin allows unauthenticated script injection on over 6 million WordPress sites—update to version 6.5.1 immediately…
Read more >
CVE-2024-7772 & CVE-2024-7781: RCE and Account Takeover Vulnerabilities in Jupiter X Core Plugin Put 90,000+ WordPress Sites at Risk
Two critical vulnerabilities in the Jupiter X Core plugin (CVE-2024-7772 & CVE-2024-7781) expose over 90,000 WordPress sites to remote code execution and account takeover risks—immediate…
Read more >
CVE-2024-8275: SQL Injection Vulnerability in ‘The Events Calendar’ Plugin Puts 700,000+ WordPress Sites at Risk
A critical SQL injection vulnerability (CVE-2024-8275) in The Events Calendar plugin allows unauthenticated attackers to execute arbitrary SQL commands, risking data exposure and database integrity…
Read more >
Iranian Nation-State Threat Actors Targeting Critical Infrastructure: Tactics and Mitigations
In a joint advisory issued on October 16, 2024, cybersecurity and intelligence agencies from the U.S., Canada, Australia, and allied partners warn of a sustained…
Read more >
