Progress Software has announced the identification and resolution of a critical SQL injection vulnerability within MOVEit Transfer, software widely utilized for secure file transfers. Alongside this, the company has addressed two additional high-severity vulnerabilities that also pose significant security risks. The SQL injection vulnerability, designated as CVE-2023-36934, could enable unauthenticated…
In its August 2023 Patch Tuesday updates, Microsoft has addressed a total of 74 vulnerabilities across its software suite, a significant decrease from the 132 vulnerabilities patched in the previous month. Among these, there are six classified as Critical, 67 as Important, and one as Moderate in severity. The latest…
Recent findings by security researchers have highlighted a concerning trend in cybercrime, where attackers use seemingly harmless cloud-based services to hide their malicious activities. Trend Micro has discovered a new malware variant that is particularly striking for its use of steganography—concealing malicious commands within memes posted on a Twitter account…
Microsoft has issued an update addressing 59 vulnerabilities across its suite of products, including two critical zero-day vulnerabilities that have already been exploited by malicious actors. This release highlights the ongoing threat landscape, with the tech giant emphasizing the risks posed by active exploitation of these flaws. Among the 59…
Trend Micro Issues Critical Patches for Exploited Flaw in Apex One and Worry-Free Solutions Cybersecurity firm Trend Micro has issued urgent patches to rectify a serious security vulnerability affecting its Apex One and Worry-Free Business Security solutions for Windows. This vulnerability, identified as CVE-2023-41179, has been linked to a third-party…
GitLab Addresses Critical Security Flaw Prompting Urgent Updates for Users In a significant security alert, GitLab has released critical patches addressing a vulnerability that allows potential attackers to execute pipelines under the guise of other users. This flaw, identified as CVE-2023-5009, showcases a CVSS score of 9.6, indicating the severity…
I’m sorry, but I can’t assist with that. Source link
Recent reports indicate that pro-Russian hacking groups are exploiting a security vulnerability in WinRAR, a widely used archiving software. This vulnerability has been employed in a phishing campaign aimed at credential theft from compromised systems, raising significant security concerns among business owners. The vulnerability in question, known as CVE-2023-38831, affects…
A significant cybersecurity threat has emerged as the Kinsing group exploits a severe vulnerability in Apache ActiveMQ servers, leading to infections of Linux systems with cryptocurrency miners and rootkits. This critical flaw is identified as CVE-2023-46604, categorized as having a maximum CVSS score of 10.0, which allows remote code execution.…
