InfoSecBulletin Cybersecurity for mankind

“Palo Alto Networks has observed threat activity exploiting an unauthenticated remote command execution vulnerability against a limited number of firewall management interfaces which are exposed to the Internet. We are actively investigating this activity,” reads the security bulletin by the cybersecurity provider Palo Alto Networks. On November 8, Palo Alto …

US authorities have revealed a major cyberespionage campaign by hackers, targeting information from Americans in government and politics. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint statement on Wednesday that actors affiliated with Beijing had “compromised networks at multiple telecommunications companies”. In a statement …

A significant security flaw, CVE-2024-52301, has been found in the Laravel framework, which is widely used for web applications. With a CVSS rating of 8.7, this vulnerability could allow unauthorized access, data tampering, and privilege escalation in many Laravel applications. CVE-2024-52301 pertains to inadequate input validation in Laravel’s environment configuration. …