Security News
A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents....
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type...
CVE-2024-38193, an actively exploited zero-day that Microsoft patched earlier this month, has been leveraged by North Korean hackers to install a rootkit on targets’ computers, Gen Digital...
SolarWinds has fixed a critical vulnerability in its Web Help Desk solution that may allow attackers to run commands on the host machine. "While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available," the company advises.
A new MS Office zero-day vulnerability can be exploited by attackers to grab users' NTLM hashes, Microsoft has shared late last week. Once attackers get a victim's NTLM hash, they can relay it another service and authenticate as the victim.
Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
Two vulnerabilities affecting the macOS version of the popular 1Password password manager could allow malware to steal secrets stored in the software's vaults and obtain the account unlock key, AgileBits has confirmed. Discovered by the Robinhood Red Team during a security assessment of 1Password for Mac and then privately reported to the software's makers, the vulnerabilities have been fixed in two consecutive versions of the software: v8.10.36 and v8.10.38.
Two cross-site scripting vulnerabilities affecting Roundcube could be exploited by attackers to steal users' emails and contacts, email password, and send emails from their account. "No user interaction beyond viewing the attacker's email is required to exploit. For CVE-2024-42008, a single click by the victim is needed for the exploit to work, but the attacker can make this interaction unobvious for the user," Sonar vulnerability researcher Oskar Zeino-Mahmalat noted.
CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulnerable systems. Apache OFBiz is an open-source framework for enterprise resource planning that encompasses web applications that serve common business needs, such as human resources, accounting, inventory management, customer relationship management, marketing and so on.
Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to them and encrypt their file system."ESXi is a bare-metal hypervisor that is installed directly onto a physical server and provides direct access and control of underlying resources. ESXi hypervisors host virtual machines that may include critical servers in a network," Microsoft's threat analysts explained.
CVE-2023-45249, a critical vulnerability affecting older versions of Acronis Cyber Infrastructure, is being exploited by attackers. Acronis Cyber Infrastructure is an IT infrastructure solution that provides storage, compute, and network resources.