Tag: Cyber threat

The Cybersecurity and Infrastructure Security Agency has taken a proactive step by releasing nine Industrial Control Systems advisories on January 11, 2024.

Two critical vulnerabilities in the widely-used POST SMTP Mailer WordPress plugin, impacting around 300,000 websites, pose a serious security risk.

A newly identified Mirai-based botnet, named NoaBot, has emerged as part of a crypto mining campaign since the beginning of 2023.

Threat actors are employing sophisticated tactics to steal employees' credentials by exploiting communication related to pension, salary and performance

Ivanti has disclosed two zero-day vulnerabilities, CVE-2023-46805 and CVE-2024-21887, affecting its Connect Secure and Policy Secure gateways

A critical vulnerability has been discovered in the AI Engine plugin for WordPress, affecting its free version with over 50,000 active installations.

Cisco has issued patches for a severe security vulnerability in its Unity Connection software, potentially granting remote root privileges on unpatched devices.

A financially motivated group of Turkish hackers, identified in the RE#TURGENCE campaign, has been systematically targeting Microsoft SQL (MSSQL) servers.

A critical blind SQL injection vulnerability has been discovered in Cacti, a widely-used network monitoring, performance, and fault management framework

Water Curupira, an active threat actor, has been identified distributing the PikaBot loader malware through spam campaigns in 2023.