Multiple vulnerabilities have been published by IBM in its webMethods Integration Server which cloud allow attackers to execute arbitrary commands on affected systems. Those published vulnerabilities have been identified in version 10.15 of the software which pose a severe risk for the organizations to integrate and API management. CVE-2024-45076 has …

Progress Software released an emergency fix for a critical vulnerability (10/10) in its Loadmaster and LoadMaster Multi-Tenant Hypervisor products, which allows remote command execution by attackers. CVE-2024-7591 is a flaw that allows remote, unauthenticated attackers to access Loadmaster’s management interface through a manipulated HTTP request due to improper input validation. …

CISCO released security updates for two critical security flaws impacting its smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges. A brief description of the two vulnerabilities is below – CVE-2024-20439 (CVSS score: 9.8): The presence of an undisclosed static user credential that an attacker could …

OpenBAS is a platform that helps organizations to plan, schedule, and conduct crisis exercises, adversary simulations, and breach simulations. OpenBAS is a modern web application that follows ISO 22398 standards. It has a user-friendly interface and a RESTful API. The platform has different modules, such as scenarios, team management, simulations, …

Zyxel has released software updates to fix a serious security issue in certain access point (AP) and security router versions. This flaw could allow the execution of unauthorized commands. The vulnerability known as CVE-2024-7261 (CVSS score: 9.8) involves an operating system (OS) command injection. “The improper neutralization of special elements …

VMware released a security advisory for a major vulnerability in the VMware Fusion product. This vulnerability could be exploited by attackers to run malicious code. CVE-2024-38811 is a vulnerability caused by using an insecure environment variable in the application, with a CVSSv3 score of 8.8, making it important. VMware Fusion …

Indian Computer Emergency Response Team (CERT-IN) issued advisories about multiple vulnerabilities in various Palo Alto Networks applications. Attackers could exploit these vulnerabilities to access systems without permission, steal important information, and potentially run harmful code. Vulnerabilities in Palo Alto Networks: The vulnerabilities include CVE-2024-5915, CVE-2024-5916, and CVE-2024-5914. GlobalProtect App: Privilege …

Malaysia is quickly becoming a leading choice for investing in data centers. It aims to generate RM3.6 billion (US$781 million) in revenue by 2025, compared to RM2.09 billion (US$462 million) in 2022. The growth is driven by investments and expansions by major technology companies, showcasing Malaysia’s increasing importance in the …

US authorities have issued a cybersecurity advisory about a ransomware group called RansomHub. The group is thought to have stolen data from at least 210 victims using encryption and double extortion techniques. The group targeted various organizations, including healthcare, IT, government, emergency services, food and agriculture, and water and wastewater. They …

There is a new way to attack Atlassian Confluence using the vulnerability CVE-2023-22527. The Confluence Data Center and Server products have the vulnerability that has been exploited using the Godzilla backdoor, which is a complex malware that doesn’t use files. Understanding CVE-2023-22527: CVE-2023-22527 is a critical vulnerability with a CVSS …