Summary: The cybercriminal group ‘ShadowSyndicate’ has been detected scanning for vulnerable servers, aiming to exploit a recently addressed vulnerability in the widely-used Aiohttp library. This exploit, if successful, could lead to unauthorized access to sensitive data on servers globally, posing a significant threat to organizations relying on …

Summary: Earth Krahang, an APT campaign since 2022, targets global government entities, employing spear phishing and server exploitation tactics. Operating independently but with potential links to Chinese threat actors, it utilizes malware like Cobalt Strike and XDealer for espionage, urging organizations to bolster security measures and patch …

Summary:  A critical security vulnerability, identified as CVE-2024-2172 in WordPress, urges users utilizing miniOrange’s Malware Scanner and Web Application Firewall plugins to uninstall these plugins from their websites. This vulnerability enables unauthorized attackers to gain administrative privileges by altering the user password. Threat Level – …

Summary: Three high-severity vulnerabilities have been discovered in the Cisco IOS XR software, posing risks of denial-of-service (DoS) attacks and elevation of privilege. These vulnerabilities are tracked as CVE-2024-20320, CVE-2024-20318, and CVE-2024-20327. Threat Level – Amber | Vulnerability Report For a detailed threat advisory, download the …

Summary: A critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-2194) in WP Statistics plugin, allowing attackers to inject malicious code via the URL parameter. With over 600,000 installations, the flaw poses severe risks, enabling unauthorized script execution and potential data theft or site compromise. Update promptly to …

Summary: Magnet Goblin, characterized by its financial incentives, strategically exploits zero-day vulnerabilities within publicly accessible services by employing sophisticated malware sourced from the Nerbian family, which also includes NerbianRAT and MiniNerbian. Threat Level – Red | Actor Report For a detailed threat advisory, download the pdf …

Summary: Since at least November 2023, there has been a persistent phishing spam campaign targeting potential victims in Mexico. The campaign entices users to download TimbreStealer, a new information stealer that has been disguised. This campaign use financial-themed phishing emails to lure consumers into running …

Summary: A critical SQL Injection vulnerability (CVE-2023-48788) in FortiClientEMS software enables attackers to execute unauthorized code or commands via specially crafted HTTP requests. Additionally, two other critical bugs in FortiOS and FortiProxy have been addressed. Update promptly to patched versions to prevent potential exploitation. Threat …