Apache HugeGraph Vulnerability

Critical Apache HugeGraph Vulnerability Under Attack

Critical Apache HugeGraph Vulnerability Under Attack Jul 17, 2024NewsroomVulnerability / Data Security Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. Read more…

CI/CD Pipeline Vulnerability

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which Read more…

Fortra FileCatalyst Workflow

Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application

Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application Jun 27, 2024NewsroomVulnerability / Enterprise Security A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of Read more…

AirPods Bluetooth Vulnerability

Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping

Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping Jun 26, 2024NewsroomFirmware Security / Vulnerability Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and Read more…

MOVEit Transfer Vulnerability

New MOVEit Transfer Vulnerability Under Active Exploitation

New MOVEit Transfer Vulnerability Under Active Exploitation Jun 26, 2024NewsroomVulnerability / Data Protection A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns Read more…

FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine

FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine

FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. “The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by Read more…