Two critical vulnerabilities, CVE-2024-8503 (SQL Injection) and CVE-2024-8504 (Privilege Escalation), have been uncovered in the VICIdial Contact Center Suite, posing a major risk for call centers globally. This article has been indexed from Cyware News – Latest Cyber News Read…
Tag: Cyware News – Latest Cyber News
EchoStrike: Generate Undetectable Reverse Shells, Perform Process Injection
EchoStrike features an interactive Python wizard for easy customization, various persistence techniques, binary padding for evasion, AES payload encryption, and dynamic binary download. This article has been indexed from Cyware News – Latest Cyber News Read the original article: EchoStrike:…
Update: PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability
This critical flaw, actively exploited in the wild, allows attackers to elevate privileges to SYSTEM level, posing a significant risk to organizations using Microsoft’s Hyper-V virtualization technology. This article has been indexed from Cyware News – Latest Cyber News Read…
US Hits Intellexa Spyware Maker With More Sanctions
The US has imposed further sanctions on Intellexa, the maker of the Predator spyware, targeting individuals and entities associated with the company due to its opaque corporate structure designed to evade accountability. This article has been indexed from Cyware News…
23andMe Pledges $30 Million to the 6.4 Million People Affected by Data Breach
23andMe has pledged $30 million to compensate the 6.4 million people affected by a data breach in October 2023. The breach occurred when a hacker used stolen credentials to access a significant amount of account information, including health data. This…
Zero-Click Calendar Invite: Critical macOS Vulnerability Chain Uncovered
The vulnerability, tracked as CVE-2022-46723, enables attackers to manipulate files within the macOS Calendar app environment and execute remote code during system upgrades. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Zero-Click…
Rising Clipper Malware Attacks Target Cryptocurrency Users
The malicious software called ClipBankers can monitor clipboard activity and replace cryptocurrency addresses with those controlled by attackers, diverting digital asset transfers to rogue wallets. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Critical Vulnerability in AutoGPT Puts Over 166,000 Projects at Risk
A critical vulnerability, CVE-2024-6091 (CVSS 9. 8), has been found in AutoGPT, a popular AI tool with over 166,000 projects at risk. The flaw allows for OS Command Injection, potentially enabling unauthorized actions. This article has been indexed from Cyware…
D-Link Fixes Critical RCE, Hardcoded Credential Flaws in WiFi 6 Routers
D-Link has addressed critical vulnerabilities in three popular WiFi 6 router models, fixing issues that could allow remote attackers to run arbitrary code or access devices with hardcoded credentials. This article has been indexed from Cyware News – Latest Cyber…
Metabase Q Raises $11M in Series A Extension Funding
Metabase Q, an IT cybersecurity management company based in San Francisco, has raised $11M in its Series A extension funding. Backers include SYN Ventures and John Watters. This article has been indexed from Cyware News – Latest Cyber News Read…