Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]

Severity High Analysis Summary Turla, a Russian espionage threat actor, infected and compromised many systems of an unknown non-governmental organization (NGO) in Europe by deploying a […]

Severity Low Analysis Summary CVE-2024-26246 Microsoft Edge (Chromium-based) could allow a physical authenticated attacker to bypass security restrictions. An attacker could exploit this vulnerability to bypass […]

Severity Medium Analysis Summary CVE-2024-22453 CVSS:7.2 Dell PowerEdge is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the BIOS. By sending a […]

Severity High Analysis Summary The United Arab Emirates (UAE) is rapidly pursuing digital transformation initiatives to position itself as a global hub for business and innovation […]

Severity High Analysis Summary Ivanti, a software company, recently disclosed a critical remote code execution vulnerability affecting Standalone Sentry, urging immediate application of fixes to protect […]

Severity High Analysis Summary A novel malware campaign delivering AZORult was discovered by cybersecurity researchers, which uses HTML smuggling and forged Google site pages to spread […]

Severity Medium Analysis Summary CVE-2024-26056 CVSS:5.4 Adobe Experience Manager is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could […]

Severity High Analysis Summary OilRig, aka HelixKitten, APT 34, and Twisted Kitten, is a suspected Iranian threat group targeting Middle Eastern and international victims since at […]

Severity High Analysis Summary Patchwork is an Advanced Persistent Threat APT group active since at least 2014. Patchwork primarily targets government, defense, and diplomatic organizations, as […]

Severity Medium Analysis Summary CVE-2024-27277 CVSS:6.2 The private key for the IBM Storage Protect Plus Server 10.1.0 through 10.1.16 certificate can be disclosed, undermining the security […]

Severity High Analysis Summary APT-17, also known as “Bitter APT” or “DeputyDog” is a state-sponsored cyber espionage group that is believed to operate out of China. […]

Severity High Analysis Summary Application layer protocol that depends upon User Datagram Protocol (UDP) for end-to-end communication has been targeted by the latest attack vector known […]

Severity Medium Analysis Summary FormBook is an infostealer malware that was first identified in 2016. It tracks and monitors keystrokes, finds and accesses files, takes screenshots, […]

Severity High Analysis Summary A new phishing campaign aims to propagate the remote access trojan NetSupport RAT using an advanced Microsoft Office trick to target U.S. […]

Severity High Analysis Summary A report by security researchers sheds light on suspected espionage activities targeting aerospace, aviation, and defense industries in Middle Eastern countries, with […]

Severity High Analysis Summary A new sophisticated attack campaign is distributing DEEP#GOSU malware and targets Windows users in which the attacker employs the attack by using […]

Severity Medium Analysis Summary CVE-2024-27439 CVSS:8.8 Apache Wicket is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user […]

Severity Medium Analysis Summary Remcos malware has been operating since 2016. This RAT was originally promoted as genuine software for remote control of Microsoft Windows from […]

Severity High Analysis Summary CVE-2024-2627 CVSS:8.8 Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Canvas. […]

Severity High Analysis Summary CVE-2024-2616 CVSS:6.5 Mozilla Firefox ESR and Thunderbird are vulnerable to a denial of service, caused by an error related to out-of-memory conditions […]

Severity High Analysis Summary Digital Document Publishing (DDP) sites are being attacked and exploited by threat actors for phishing attacks, credential harvesting, and session token theft. […]

Severity High Analysis Summary Cybersecurity experts have found a new attack surface for threat actors to gain unauthorized access to sensitive information, as Open AI ChatGPT […]

Severity Medium Analysis Summary CVE-2024-2432 CVSS:4.5 Palo Alto Networks GlobalProtect app on Windows could allow a local authenticated attacker to gain elevated privileges on the system, […]