Alerts

Google has released an updated Chrome version “131.0.6778.204/.205” for Windows and Mac and “131.0.6778.204” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability

The Pumakit Linux rootkit is a recently identified stealthy malware targeting Linux systems. It is structured as a Loadable Kernel Module (LKM), enabling it to function at the kernel level and granting it extensive access to the operating system. The Pumakit Linux rootkit is a recently discovered malware that employs advanced stealth techniques to avoid

Splunk has released security updates to fix multiple vulnerabilities affecting several Splunk products. The addressed vulnerabilities could allow the attacker to bypass security restrictions, obtain sensitive information, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: Splunk Secure Gateway App Remote Code Execution Vulnerability (CVE-2024- 53247): CVSS: 8.8

Google has released an updated Chrome version “131.0.6778.139/.140” for Windows and Mac and “131.0.6778.139” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code to gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability

Aruba has released security updatesto fix multiple vulnerabilities affecting several Aruba products. The addressed vulnerabilities could allow the remote attacker to conduct cross-site scripting attacks or denial of service attacks or execute arbitrary commands/codes and gain access to the affected systems. Sample of the addressed vulnerabilities: HPE Aruba Networking ClearPass Authenticated Remote Code Execution Vulnerability

Adobe has released security updates to fix several vulnerabilities across Adobe Acrobat and Reader, Adobe Experience Manager (AEM), and Adobe Illustrator.  The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform denial of service attacks, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Adobe

Intel has released security updates to address several vulnerabilities affecting multiple Intel products.  The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected systems. Samples of the addressed vulnerabilities: 1. Improper Access Control in the Intel® NUC Software Studio Service Software Vulnerability (CVE-2024-23498): CVSS:

Cybersecurity researchers discovered a new UEFI bootkit “BootKitty” in November 2024, specifically targeting Linux systems, marking a shift in stealthy and hard-toremove bootkit threats that previously focused on Windows. BootKitty is a powerful rootkit that takes control of a system by replacing the bootloader and modifying the kernel before it starts. This allows attackers to

SonicWall has released security updates to fix multiple vulnerabilities across SonicWall SMA100 SSL-VPN versions 10.2.1.13-72sv and earlier. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform stack-based and heap-based buffer overflow, or execute arbitrary code, and gain access to the affected systems. Sample of the addressed vulnerabilities: 1- SonicWall SMA100 SSLVPN Web

SolarWinds has released a security update to address a vulnerability affecting SolarWinds Platform 2024.4 and prior versions. The addressed vulnerability could allow the attacker to perform a cross-site scripting attack and affect the user interface’s search and node information section. SolarWinds Platform Cross Site Scripting Vulnerability (CVE-2024-45717): CVSS: 7.0 Attack Vector: Adjacent Attack Complexity: Low

Google has released an updated Chrome version “131.0.6778.108/.109” for Windows and Mac and “131.0.6778.108” for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code to gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2024-12053): CVSS: 8.8 Attack Vector:

Trellix has released a security update to fix several vulnerabilities in Trellix Enterprise Security Manager (ESM) version 11.6.13. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, execute arbitrary code, and gain access to the affected system. The addressed vulnerabilities: 1. Trellix Enterprise Security Manager Code Execution Vulnerability (CVE-2024-11482): CVSS: 9.8 Attack