Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution. There are many systems affected, including: Enterprise Manager for MySQL Database, version 13.5.2.0.0, and more.
Authentication bypass vulnerability CVE-2024-55591 (CVSSv3.1 9.6/10 Critical) in Fortinet’s FortiOS versions 7.0.0-7.0.16 and FortiProxy versions 7.0.0-7.0.19 and 7.2.0-7.2.12 could allow a remote threat actor to obtain super-admin privileges via specially crafted requests to the Node.js...
In April 2024, the NJCCIC reported an uptick in unpaid road toll SMiShing scams. Similar SMiShing scams have resurfaced, as threat actors are impersonating multiple road toll agencies nationwide to target New Jersey residents to collect personal and financial information.
An emerging ransomware-as-a-service (RaaS) called FunkSec claimed over 80 victims in December alone, making it the most prolific threat actor that month. FunkSec uses recycled datasets from previous hacks and is likely made up of inexperienced hackers seeking recognition.
Analysts discovered threat actors leveraging the Fasthttp Go library to gain unauthorized access to Microsoft 365 accounts through high-speed brute-force login attempts and MFA fatigue as recently as January 6. Fasthttp is a high-performance HTTP server...
Multiple vulnerabilities have been discovered in Rsync, the most severe of which could allow for remote code execution. Rsync is an open-source file synchronization and data transferring tool valued for its ability to perform incremental transfers, reducing data transfer times, etc.
Multiple vulnerabilities have been discovered Fortinet Products, the most severe of which could allow for remote code execution. FortiManager is a network and security management tool that provides centralized management of Fortinet devices from a single console.
Multiple Vulnerabilities have been discovered in Ivanti Avalanche, the most severe of which could allow for authentication bypass. Ivanti Avalanche is a mobile device management system. Network security features allow one to manage wireless settings...
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs, and more.
