The KartLANPwn vulnerability (CVE-2024-45200) targets Mario Kart 8 Deluxe’s LAN Play feature, potentially allowing hackers to execute remote code on players’ game consoles. This article has been indexed from Cyware News – Latest Cyber News Read the original article: KartLANPwn…
Category: Cyware News – Latest Cyber News
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog
The CISA has alerted to four newly exploited vulnerabilities in its KEV catalog. The vulnerabilities include critical flaws in D-Link and DrayTek Vigor routers, Motion Spell GPAC, and SAP Commerce Cloud. This article has been indexed from Cyware News –…
JPCERT Shares Windows Event Log Tips to Detect Ransomware Attacks
The investigation strategy shared by JPCERT/CC covers Application, Security, System, and Setup logs, which can reveal traces left by ransomware attacks and help identify the attack vector This article has been indexed from Cyware News – Latest Cyber News Read…
Researcher Details RCE Flaw (CVE-2024-36435) in Supermicro BMC IPMI Firmware
A critical vulnerability, CVE-2024-36435, has been found in several Supermicro enterprise products, allowing unauthenticated attackers to exploit a buffer overflow in the Baseboard Management Controller (BMC) firmware, leading to RCE. This article has been indexed from Cyware News – Latest…
Malicious Actors Use Infected PyPI Packages to Target Roblox Da Hood Game Cheaters
Platforms like Github, Discord, and YouTube are used to distribute compromised game cheats, which contain malware such as Skuld Stealer and Blank Grabber, known for stealing sensitive information. This article has been indexed from Cyware News – Latest Cyber News…
Phishing Attacks on Australia Disguised as Atlassian
Mimecast highlighted a noticeable increase in the use of Atlassian to evade detection. The attackers utilized postmark URLs to gather data intelligence, including location and browser details. This article has been indexed from Cyware News – Latest Cyber News Read…
DragonForce Ransomware Expands RaaS, Targets Firms Worldwide
The DragonForce group utilizes dual ransomware variants, including one based on LockBit 3.0 and another on ContiV3, to target industries like manufacturing, real estate, and transportation. This article has been indexed from Cyware News – Latest Cyber News Read the…
PoC Exploit Shows Local Privilege Escalation Risk in Linux
Researchers disclosed a critical privilege escalation vulnerability, CVE-2024-26808, in the Linux kernel affecting versions from v5.9 to v6.6. The flaw is in the Netfilter component, allowing root access by manipulating memory allocation. This article has been indexed from Cyware News…
Critical XSS Flaw Discovered in Filament Necessitates Urgent Update for Laravel Developers
A critical XSS flaw (CVE-2024-47186) has been found in Filament, a popular Laravel development tool. The vulnerability affects versions 3.0.0 to 3.2.114, putting applications at risk that render unvalidated ColorColumn or ColorEntry values. This article has been indexed from Cyware…
Multiple Vulnerabilities Discovered in PHP, Prompting Urgent Security Updates
Key vulnerabilities include log manipulation in PHP-FPM (CVE-2024-9026), bypassing redirect configurations (CVE-2024-8927), CGI parameter injection vulnerability (CVE-2024-8926), and erroneous parsing of multipart form data (CVE-2024-8925). This article has been indexed from Cyware News – Latest Cyber News Read the original…