High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
Several security flaws were discovered that could be exploited to achieve denial-of-service (DoS) and remote code execution
Read More...Several security flaws were discovered that could be exploited to achieve denial-of-service (DoS) and remote code execution
Read More...Local attackers can exploit this flaw (CVE-2023-41992) to escalate privileges
Read More...The vulnerability has been addressed in GitLab versions 16.3.4 and 16.2.7.
Read More...The threat actor included a summary in the README file and a Streamable video demonstrating how to use the PoC, which added further legitimacy to the malicious package
Read More...The threat actors can exploit a loophole in the Google Ad platform's tracking template that allows them to redirect at will while complying with Google's policy
Read More...In July 2023, Storm-0324 began using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file
Read More...Microsoft has fixed an actively exploited local privilege elevation vulnerability that allows attackers to gain SYSTEM privileges
Read More...The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials
Read More...CVE-2023-41064 relates to a buffer overflow issue in the Image I/O component that could lead to arbitrary code execution when processing a maliciously crafted image
Read More...The medium severity zero-day allows unauthorized remote attackers to conduct brute force attacks against existing accounts
Read More...