Mastodon Addresses Critical Account Hijacking Vulnerability
Mastodon, a decentralized social network, recently encountered a significant security challenge when a critical account hijacking vulnerability, known as CVE-2024-23832,…
AnyDesk Hacked, Users Urged to Immediately Reset Passwords
On Friday, AnyDesk, a well-known provider of remote desktop software, confirmed a breach in their production systems. The company swiftly…
Cloudflare’s Thanksgiving Security Breach: Insights into a Nation-State Attack
Cloudflare, a well-known provider of internet infrastructure, recently disclosed a significant security breach that occurred on Thanksgiving Day, November 23,…
Glibc Flaw Enables Attackers to Gain Root Access on Linux Distros
A critical vulnerability has been disclosed in the GNU C Library (glibc), a crucial component of various Linux distributions. Tracked…
CVE-2024-20253: Cisco’s Unified Comms RCE Vulnerability Patched
Customers using Cisco Unified Communications should patch the high-severity vulnerability or mitigate its risks Cisco has taken immediate action in…
Kansas City Area Transportation Authority Targeted by Ransomware Attack, Medusa Gang Claims Responsibility
Kansas City Area Transportation Authority Targeted by Ransomware Attack, Medusa Gang Claims Responsibility On January 23, 2023, the Kansas City…
Jenkins CLI File Read Vulnerability Leading to RCE (CVE-2024-23897) – Patch Now
Critical vulnerability (CVE-2024-23897, CVSS 9.8) in Jenkins’ Command Line Interface poses a severe risk of remote code execution. Jenkins, an…
Hackers exploiting Apache ActiveMQ vulnerabilities to launch Godzilla web shell attacks
CVE-2023-46604 bug in Apache ActiveMQ exploited by threat actors poses severe cybersecurity risks, evading detection during scanning. Recently, there has…
PAX PoS Payment Terminals Vulnerable to Transaction Manipulation
The STM Cyber R&D team has recently made a significant discovery regarding the Android-based point-of-sale (PoS) terminals produced by PAX…