Apache Struts, a popular open-source framework used for developing Java-based web applications, has been found to contain a new vulnerability (CVE-2024-53677) that is already being actively exploited by attackers. Using publicly available Proof of Concept (PoC) code, they can upload…
A critical Remote Code Execution (RCE) vulnerability (CVE-2024-6386) has recently been discovered in the WordPress Multilingual Plugin (WPML). This vulnerability poses a threat to more than 1,000,000 active WordPress websites worldwide, allowing attackers to gain control over the sites. The…
The highly anticipated final release of Kali Linux 2024.4 is now here! This update comes packed with numerous updates, new hacking tools, and powerful features, ranging from a new default Python version to the discontinuation of i386 kernel support. Kali…
CoinLurker is an advanced data-stealing malware that has revolutionized fake update campaigns. Written in the Go programming language, CoinLurker utilizes obfuscation and anti-analysis techniques, enabling it to evade detection and carry out stealthy cyberattacks. According to Morphisec’s report, CoinLurker has…
Hackers used the Microsoft Teams platform to trick a victim into granting remote access to their system. This attack, analyzed by Trend Micro, showcases the increasing complexity of social engineering tactics employed by cybercriminals. The attack unfolded in several stages:…
Recent data has revealed a sharp rise in attacks targeting Remote Desktop Protocol (RDP) services, with a specific focus on port 1098 Over the past two weeks, honeypot sensors have recorded more than 740,000 daily scans from distinct IP addresses.…
A security vulnerability (CVE-2024-53247) has been discovered in the Splunk Secure Gateway app and the Splunk Enterprise platform. This vulnerability enables attackers with low-level user privileges to execute arbitrary code remotely, posing a significant threat to system security. Details of…
Apache Struts 2, an open-source platform widely used in web applications, has been found to contain a new security vulnerability (CVE-2023-50164). This vulnerability allows attackers to upload and execute malicious files on the server, posing a serious threat to the…
Google has released a security update for the Chrome browser, addressing three high-severity vulnerabilities that could expose users to serious risks. The update, version 131.0.6778.139/.140 (for Windows and Mac) and 131.0.6778.139 (for Linux), is being rolled out gradually, and it…
A newly identified critical vulnerability in the Windows Common Log File System (CLFS) driver — CVE-2024-49138 — poses a serious threat, having already been exploited in cyberattacks. This issue represents a significant risk to Windows systems. Overview of the Vulnerability…