The Mispadu banking Trojan has been identified as leveraging a recently patched vulnerability in Windows SmartScreen to target users in Mexico. This malware, which first appeared in 2019, has evolved into a new variant that cybercriminals are utilizing to gain unlawful access to sensitive information. According to a report from…
Palo Alto Networks has issued critical security updates in response to five vulnerabilities affecting its products, including a significant flaw that poses an authentication bypass risk. This vulnerability, identified as CVE-2024-5910, has been assigned a high CVSS score of 9.3 and pertains to a missing authentication issue in the Expedition…
Palo Alto Networks has issued an urgent warning regarding a critical vulnerability affecting its PAN-OS software utilized in GlobalProtect gateways, noting that this flaw is currently being actively exploited in the wild. Designated as CVE-2024-3400, this vulnerability carries a maximum CVSS score of 10.0, underscoring its potential severity and urgency…
A significant cyber threat has emerged, characterized by the exploitation of a recently uncovered zero-day vulnerability in Palo Alto Networks PAN-OS software. This flaw has been active since March 26, 2024, well before its public disclosure, which occurred yesterday. Unit 42, a division of Palo Alto Networks, has initiated a…
Palo Alto Networks has issued urgent hotfixes in response to a critical security vulnerability affecting its PAN-OS software that is currently being exploited in live environments. This vulnerability, identified as CVE-2024-3400, has received the highest severity rating with a CVSS score of 10.0. It involves a command injection flaw within…
A recent malware campaign has targeted Cisco networking equipment, exploiting two previously unknown vulnerabilities identified as zero-day flaws to deliver customized malware and conduct covert data collection in targeted environments. Cisco Talos, naming this operation “ArcaneDoor,” has attributed the attacks to UAT4356, an advanced state-sponsored group also known as Storm-1849…
Docker Warns of Critical Flaw in Docker Engine Docker has issued an urgent alert regarding a significant vulnerability affecting various versions of the Docker Engine. This flaw could allow attackers to bypass authorization plugins (AuthZ) under certain conditions, posing a serious security risk for users. Labeled as CVE-2024-41110, this bypass…
Microsoft Addresses 61 Security Vulnerabilities in May Patch Update In its latest Patch Tuesday update for May 2024, Microsoft has resolved 61 newly identified security vulnerabilities across its software products, amongst them two zero-day flaws that have been actively exploited in the wild. These updates follow a proactive security strategy…
Check Point has issued a warning regarding a critical zero-day vulnerability affecting its Network Security gateway products, which has already been exploited by cybercriminals in the wild. The vulnerability, designated as CVE-2024-24919 and carrying a CVSS score of 8.6, affects numerous products including CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis,…
