Please turn on your JavaScript for this page to function normally.
GitHub
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)

A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the …

visualization
To improve your cybersecurity posture, focus on the data

Effectively converging, managing and using enterprise data is a huge undertaking. Enterprises have vast hoards of data, but those hoards exist within siloed systems and …

SolarWinds
Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986)

SolarWinds has fixed a critical vulnerability (CVE-2024-28986) in its Web Help Desk (WHD) solution that may allow attackers to run commands on the host machine. “While …

Evolution Mining
Australian gold mining company hit with ransomware

Australian gold mining firm Evolution Mining has announced on Monday that it became aware on 8 August 2024 of a ransomware attack impacting its IT systems, and has been …

malware
Ransomware gang targets IT workers with new RAT masquerading as IP scanner

Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan (RAT). “The malware, named SharpRhino due to its use of the C# programming …

Apache OFBiz
Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)

CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute …

VMware
VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)

Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full …

Progress
Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)

Progress Software has fixed a critical vulnerability (CVE-2024-6327) in its Telerik Report Server solution and is urging users to upgrade as soon as possible. About …

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)

A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s …

Snowflake
Info of 2,3+ million individuals stolen in Advance Auto Parts data breach

Personal information of over 2,3 million individuals has been stolen by attackers as part of the massive data grab via compromised Snowflake accounts without MFA protection, …

TeamViewer
TeamViewer: Network segmentation hobbled Midnight Blizzard’s attack

TeamViewer, the company developing the popular remote access/control software with the same name, has finished the investigation into the breach it detected in late June 2024, …

Progress MOVEit
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)

Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software …

Don't miss

Cybersecurity news