Introduction Among the cybersecurity community, the concept of zero-day has emerged to be the most feared one as it casts a dark shadow on organizations and people of all sorts. Vulnerabilities, zero-day attacks, and exploits are the kinds of threats that mostly come in the way of ensuring cybersecurity in…
The Apache Software Foundation has made public several critical vulnerabilities in the Apache HTTP Server that could have a devastating impact, leaving millions of websites vulnerable to hacking attempts. Apache HTTP Server web server – A popular choice for millions of websites worldwide. The risks caused by these vulnerabilities are…
Check Point released a security alert on May 28, 2024, regarding CVE-2024-24919. This high-severity information disclosure vulnerability affects Check Point Security Gateway devices set up with the “IPSec VPN” or “Mobile Access” software blade. Check Point is warning users about a zero-day vulnerability that threat actors have been exploiting in…
Palo Alto Networks PAN-OS firewalls have been subject to an increased number of attempts at exploitation since the finding of CVE-2024-3400 on April 12, 2024. Recently, Palo Alto Networks identified and fixed a serious flaw in the GlobalProtect function of its PAN-OS software. But again, information from the Shadowserver Foundation…
WordPress security scanner WPScan alerts users that threat actors inject malicious code onto websites using a critical severity vulnerability in the WordPress Automatic plugin. Attackers started to focus on a critical severity vulnerability in the WordPress plugin WP Automatic, which allows them to deploy backdoors for permanent access and create…
According to a recent cybersecurity finding, more than 50,000 websites that use the popular WordPress plugin Forminator are vulnerable to severe security vulnerabilities. Website administrators who use the Forminator plugin on WordPress must update their sites as soon as possible with the most recent version of the plugin. This is because…
The widely used Rank Math SEO plugin, which has over two million users, has addressed a Stored Cross-Site Scripting vulnerability that allows malicious scripts to be uploaded and attacks to be launched. Rank Math SEO plugin has been found to have a Stored Cross-Site Scripting (XSS) vulnerability that affects more…
Security experts have discovered a critical security vulnerability in the WordPress plugin LiteSpeed Cache, putting five million WordPress websites at risk. A susceptible vulnerability has been found in the WordPress LiteSpeed plugin, leaving up to 5 million websites in jeopardy. Patchstack’s cybersecurity professionals identified the vulnerability, which poses an important…
In recent years, cybersecurity has established itself as a critical concern. However, as new threats come to light, the danger environment continuously changes. Seventy percent of international company executives believe cybersecurity will become a more significant concern in the next five years. The actions taken by organizations today have an…
Cybercriminals target users by looking for weaknesses in the authentication process; therefore, online security is crucial. Knowing the typical authentication flaws that might endanger your clients’ online identities is essential, given the rise in cyberattacks. Therefore, you should be aware of several authentication flaws if you serve consumers online and…
A WordPress Google Fonts Plugin vulnerability lets unauthorized users create and remove directories and launch cross-site scripting attacks. Millions of websites all around the world utilize WordPress as their content management system (CMS). It offers a wide range of plugins to expand its functionality and customize the user experience. Nevertheless,…
Threat-hunting professionals at Hunters’ Team Axon have found a severe design issue in Google Workspace’s domain-wide delegation capability. This weakness might enable attackers to abuse current delegations, enabling privilege escalation and unauthorized access to Workspace APIs without Super Admin abilities. November 28, 2023, in Tel Aviv, Israel, and Boston, Massachusetts,…
WordPress is among the most secure and robust content management systems (CMS) for running a website. However, every piece of software has security flaws and vulnerabilities, most of which depend on user behavior. Even the most secure software might only defend your website against attacks if you know how to…
In a swift response to the fifth newly discovered zero-day vulnerability in the Chrome browser, Google has released essential fixes. This high-severity vulnerability, officially designated as – “CVE-2023-5217” and discovered by – “Clement Lecigne” a member of Google’s Threat Analysis Group (TAG), is causing quite a stir in the cybersecurity…
The Australian software firm Atlassian rolled out fixes to tackle four high-severity product vulnerabilities that could lead to DoS attacks and remote code execution. Atlassian uncovered these flaws utilizing pen-testing processes, the Bug Bounty program, and third-party library scans. Here’s a detailed breakdown of these four vulnerabilities: CVE-2022-25647: This particular…