CVE-2024-20253: Cisco’s Unified Comms RCE Vulnerability Patched
Customers using Cisco Unified Communications should patch the high-severity vulnerability or mitigate its risks Cisco has taken immediate action in…
Kansas City Area Transportation Authority Targeted by Ransomware Attack, Medusa Gang Claims Responsibility
Kansas City Area Transportation Authority Targeted by Ransomware Attack, Medusa Gang Claims Responsibility On January 23, 2023, the Kansas City…
Jenkins CLI File Read Vulnerability Leading to RCE (CVE-2024-23897) – Patch Now
Critical vulnerability (CVE-2024-23897, CVSS 9.8) in Jenkins’ Command Line Interface poses a severe risk of remote code execution. Jenkins, an…
Hackers exploiting Apache ActiveMQ vulnerabilities to launch Godzilla web shell attacks
CVE-2023-46604 bug in Apache ActiveMQ exploited by threat actors poses severe cybersecurity risks, evading detection during scanning. Recently, there has…
PAX PoS Payment Terminals Vulnerable to Transaction Manipulation
The STM Cyber R&D team has recently made a significant discovery regarding the Android-based point-of-sale (PoS) terminals produced by PAX…
GitHub Rotates Credentials in Response to High-Severity Vulnerability
GitHub, the widely-used code hosting platform, recently took decisive measures to strengthen its security infrastructure following the discovery of a…
Google Chrome Actively Exploited – Zero-Day Update (CVE-2024-0519)
Google recently encountered a zero-day vulnerability, known as CVE-2024-0519, in its Chrome browser. This blog post examines the complexities of…
Critical Remote Code Execution Vulnerability Patched in Juniper SRX Firewalls and EX Switches
Juniper Networks has effectively addressed a significant remote code execution (RCE) vulnerability that impacted its SRX Series Firewalls and EX…
GitLab Releases Fixes for Critical Zero-Click Account Hijacking Vulnerability
GitLab has recently released urgent security updates to tackle a critical zero-click account hijacking vulnerability known as CVE-2023-7028. This vulnerability,…
Cryptominers Exploiting Apache Hadoop and Flink Using Rootkits
Cryptocurrency miners are increasing their attacks on critical data infrastructure by targeting vulnerabilities in Apache Hadoop and Flink systems. These…