Hackers exploiting Apache ActiveMQ vulnerabilities to launch Godzilla web shell attacks
CVE-2023-46604 bug in Apache ActiveMQ exploited by threat actors poses severe cybersecurity risks, evading detection during scanning. Recently, there has…
PAX PoS Payment Terminals Vulnerable to Transaction Manipulation
The STM Cyber R&D team has recently made a significant discovery regarding the Android-based point-of-sale (PoS) terminals produced by PAX…
Google Chrome Actively Exploited – Zero-Day Update (CVE-2024-0519)
Google recently encountered a zero-day vulnerability, known as CVE-2024-0519, in its Chrome browser. This blog post examines the complexities of…
GitLab Releases Fixes for Critical Zero-Click Account Hijacking Vulnerability
GitLab has recently released urgent security updates to tackle a critical zero-click account hijacking vulnerability known as CVE-2023-7028. This vulnerability,…
Chinese Hackers Exploit Zero-Day Flaws in Ivanti VPN
Chinese hackers have strategically exploited zero-day vulnerabilities within Ivanti’s Connect Secure (ICS) and Policy Secure, utilizing a sophisticated attack chain…
Critical Update: Patching the Heap Buffer Overflow in Chrome’s WebRTC
Recent disclosures have brought attention to a highly significant vulnerability, known as CVE-2023-7024, which affects both Google Chrome and Microsoft…
Zimbra Email Software: Hacker Groups Exploit Zero-Day Flaw (CVE-2023-37580)
A critical zero-day vulnerability, known as CVE-2023-37580, has raised significant concerns regarding the Zimbra Collaboration email software. This flaw in…
Zero-Day Vulnerability CVE-2023-47246 in SysAid On-Prem Software
On November 8, 2023, SysAid, a widely used IT Service Management system, made a public announcement regarding a critical zero-day…
Ransomware Attacks Exploit Critical Vulnerabilities in Atlassian and Apache
Recent incidents have highlighted the pressing need for organizations to strengthen their defenses against insidious ransomware attacks. These attacks have…
Patch Critical Vulnerabilities in Veeam ONE IT Monitoring Software
In the latest security updates, Veeam, the expert in data resiliency, has successfully identified and promptly resolved critical vulnerabilities within…