ASUS has released new firmware for several router models to address security vulnerabilities, including critical ones like CVE-2022-26376 and CVE-2018-1160, which can lead to denial-of-service attacks and code execution. The seven other flaws are as follows – CVE-2022-35401 (CVSS score: 8.1) – An authentication bypass vulnerability that could permit an attacker to send malicious HTTP requests …
Read More »
Mandiant, a prominent cybersecurity firm now part of google cloud, has uncovered the activities of UNC3886, a Chinese cyberespionage group that has been actively exploiting a zero-day vulnerability in VMware ESXi. This vulnerability allows the group to escalate privileges on guest virtual machines, gaining unauthorized access and control. The initial …
Read More »
Rosneft is a Russian-based Oil refinery that specializes in exploration, extraction, production, refining, transport, and sale of petroleum, natural gas, and petroleum products. The German branch of Rosneft faced a cyberattack. The Legion group “Anonymous” published a statement that they were responsible for the attack and denoted that they have extracted over …
Read More »
A renowned security analyst and bug hunter, Nagli (@naglinagli), recently uncovered a critical security vulnerability in ChatGPT. With just a single click, a threat actor could easily exploit the vulnerability and gain complete control of any ChatGPT user’s account. As a result, opening the doors to sensitive data let attackers …
Read More »
InfoSecBulletin Cybersecurity for mankind
