Apache HugeGraph Vulnerability

Critical Apache HugeGraph Vulnerability Under Attack

Critical Apache HugeGraph Vulnerability Under Attack Jul 17, 2024NewsroomVulnerability / Data Security Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. Read more…

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

CISA Warns of Actively Exploited Apache Flink Security Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2020-17519, the issue relates to a case Read more…

Apache Cordova App Harness Targeted in Dependency Confusion Attack

Apache Cordova App Harness Targeted in Dependency Confusion Attack

Apache Cordova App Harness Targeted in Dependency Confusion Attack Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious Read more…

Apache Hadoop and Flink

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks Jan 12, 2024NewsroomCryptocurrency / Malware Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. “This attack is particularly intriguing due to the attacker’s use of Read more…

Apache OfBiz Vulnerability

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems Jan 11, 2024NewsroomVulnerability / Cyber Attack Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability Read more…

CISA Flags 6 Vulnerabilities

CISA Flags 6 Vulnerabilities – Apple, Apache, Adobe , D-Link, Joomla Under Attack

CISA Flags 6 Vulnerabilities – Apple, Apache, Adobe , D-Link, Joomla Under Attack Jan 10, 2024NewsroomPatch Management / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: Read more…

Apache OfBiz ERP

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack

Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack Dec 27, 2023NewsroomZero-Day / Vulnerability A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections. The vulnerability, tracked as CVE-2023-51467, resides in Read more…