Apache HugeGraph Vulnerability

Critical Apache HugeGraph Vulnerability Under Attack

Critical Apache HugeGraph Vulnerability Under Attack Jul 17, 2024NewsroomVulnerability / Data Security Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. Read more…

Polyfill Attack

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies Jul 05, 2024NewsroomSupply Chain Attack / Malware The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the Read more…

Microsoft Management Console Files

New Attack Technique Exploits Microsoft Management Console Files

New Attack Technique Exploits Microsoft Management Console Files Jun 25, 2024NewsroomVulnerability / Threat Detection Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management Console (MMC) and evade security defenses. Elastic Security Read more…