HashiCorp has released updated versions (1.17.6, 1.16.10, 1.15.15) to fix the flaw, along with a new configuration option to enhance security. Users are advised to upgrade or adjust their configurations to protect against exploitation. This article has been indexed from…
Category: Cyware News – Latest Cyber News
CISA Warns of Hackers Targeting Industrial Systems Using “Unsophisticated Methods”
The CISA has issued a warning about hackers using basic techniques to target industrial systems, particularly OT and ICS devices in critical infrastructure, water, and wastewater systems. This article has been indexed from Cyware News – Latest Cyber News Read…
Critical WhatsUp Gold Vulnerabilities Demand Immediate Action
The six vulnerabilities, with high severity scores, could lead to unauthorized access and control over network infrastructure. Progress Software advises all WhatsUp Gold users to upgrade to version 24.0.1 to mitigate these vulnerabilities. This article has been indexed from Cyware…
Phishing-as-a-Service Platform Sniper Dz Used to Create 140,000 Phishing Sites in One Year
Cybersecurity researchers at Palo Alto Networks’ Unit 42 have discovered a prolific Phishing-as-a-Service platform called Sniper Dz, responsible for creating over 140,000 phishing websites in just one year. This article has been indexed from Cyware News – Latest Cyber News…
Critical Flaws Discovered in Jupiter X Core WordPress Plugin Affecting Over 90,000 Sites
Security researchers have found critical flaws in the Jupiter X Core WordPress plugin, affecting over 90,000 websites. The vulnerabilities could allow attackers to take control of websites or hijack user accounts, including admin accounts. This article has been indexed from…
VLC Media Player Update Needed: CVE-2024-46461 Discovered
VLC Media Player users are urged to update their software due to the critical CVE-2024-46461 vulnerability, which could crash the program or lead to code execution by malicious actors. This article has been indexed from Cyware News – Latest Cyber…
Critical CUPS Vulnerabilities Expose Linux and Other Systems to Remote Attacks
Multiple critical vulnerabilities in CUPS (Common Unix Printing System) have been uncovered, affecting Linux systems, BSDs, Oracle Solaris, and Google Chrome OS. These flaws can enable attackers to execute arbitrary commands through IPP URLs. This article has been indexed from…
Critical Vulnerabilities Found in NVIDIA Container Toolkit
Nvidia Container Toolkit has critical vulnerabilities (CVE-2024-0132 and CVE-2024-0133) up to v1.16.1, allowing attackers to access the host file system, execute code, escalate privileges, and disrupt services. This article has been indexed from Cyware News – Latest Cyber News Read…
Pure Storage Reveals CVSS 10 Vulnerabilities, Putting FlashArray, FlashBlade Systems at Risk
The identified flaws include a local configuration account vulnerability, remote access via privileged accounts, remote account creation, remote command execution, and SNMP configuration exploitation. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Critical SQL Injection Vulnerability Discovered in ‘The Events Calendar’ WordPress Plugin
A critical SQL injection vulnerability has been discovered in The Events Calendar WordPress plugin (CVE-2024-8275), affecting all versions up to 6. 6. 4. The vulnerability has a CVSS score of 9. 8, indicating a high level of severity. This article…