Alert

A critical flaw in Google’s “Sign in with Google” system has put millions of Americans at risk of data theft. This vulnerability primarily impacts former employees of startups that have shut down. Truffle Security identifies that the issue arises from how Google’s OAuth login handles changes in domain ownership. When …

U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a second security flaw affecting BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) products to its Known Exploited Vulnerabilities (KEV) catalog, noting that it is actively being exploited. CVE-2024-12686 is a medium-severity vulnerability (CVSS score: 6.6) that could let an attacker …

Over 48,000 SonicWall devices are still vulnerable to a serious security flaw, putting organizations worldwide at risk of ransomware attacks. The CVE-2024-40766 vulnerability was disclosed in September 2024 and is actively exploited by ransomware groups Akira and Fog. CVE-2024-40766 is a serious access control vulnerability in SonicWall’s SonicOS, used in …

Around 3.3 million servers are running POP3/IMAP email services without encryption (TLS) enabled, the Shadowserver Foundation, a nonprofit security organization, has discovered. Most of these servers reside in the US, Germany, and Poland. POP3 (Post Office Protocol version 3) is an aging protocol used by email clients to retrieve emails …

Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a critical vulnerability affecting Oracle WebLogic Server. The flaw tracked as CVE-2024-21182, poses a significant risk to organizations using the server, as it allows an unauthenticated attacker with network access to compromise the targeted system. The …

Northwave Cyber Security has found a sophisticated backdoor, LITTLELAMB.WOOLTEA, targeting Palo Alto Networks firewalls. Northwave researcher claimed the backdoor was found during a forensic investigation of a compromised Palo Alto Networks device. Attackers exploited a recently disclosed vulnerability (CVE-2024-9474) to enter the system and deploy a malicious script called bwmupdate, …

Adobe has issued urgent security updates for ColdFusion versions 2023 and 2021 to fix a critical vulnerability (CVE-2024-53961). This flaw allows attackers to read arbitrary files from the system, risking exposure of sensitive data and configuration files. It results from improper path limitations, enabling unauthorized access outside the intended directory. …

CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in different industries, risking service disruptions, unauthorized access, and malicious code execution. ICSA-24-354-01 Hitachi Energy RTU500 series CMU ICSA-24-354-02 Hitachi Energy SDM600 ICSA-24-354-03 Delta Electronics DTM Soft ICSA-24-354-04 Siemens User Management …

Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such as remote code execution and privilege escalation. Applies to the following Sophos product(s) and version(s): Sophos Firewall v21.0 GA and earlier No action is needed for Sophos Firewall customers who …

Kaspersky’s Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient EMS, affecting versions 7.0.1 to 7.0.10 and 7.2.0 to 7.2.2. Even with available patches, many systems remain unupdated, allowing unauthorized code execution and compromise of networks. According to the report, …