Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated...
Over the last several weeks, the NJCCIC has observed an increase in compromised New Jersey public sector accounts. These accounts are often compromised after a user submits their account credentials to a fraudulent webpage navigated to via a phishing email.
A vulnerability in the React Server Components (RSC) implementation has been discovered that could allow for remote code execution. Specifically, it could allow for unauthenticated remote code execution on affected servers. The issue stems from unsafe...
Since the public release of ChatGPT in November 2022, artificial intelligence (AI) has been integrated into many facets of human society. For critical infrastructure owners and operators, AI can potentially be used to increase efficiency and productivity, enhance decision-making, save costs, etc.
A vulnerability has been discovered SonicOS, which could allow for Denial of Service (DoS). SonicOS is the operating system that runs on SonicWall's network security appliances, such as firewalls. Successful exploitation of this vulnerability could allow a...
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Princeton University discovered a data breach exposing the personal information of alums, donors, faculty, staff members, and students. On November 10, threat actors targeted an employee in a phishing attack, compromising a database that contained biographical information...
The NJCCIC has observed threat actor TA584, also known as Storm-0900 and UNC4122, sending phishing emails that mimic login.gov and Medicare.gov. In both campaigns, the messages include unique AWS URLs that likely lead to a landing page with a slide CAPTCHA.
Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected service account.
