Alerts

RansomHub ransomware is a ransomware-as-a-service variant formerly known as Cyclops and Knight which emerged in 2017, encrypts files on victims’ systems, and demands payment for decryption. In February 2024 threat actors affiliated with the RansomHub ransomware group systematically encrypted and exfiltrated data from at least 210 victims across various sectors, including information technology, government services, […]

Google has released an updated Chrome version “128.0.6613.119/.120” for Windows and Mac and “128.0.6613.119” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, gain elevated privileges, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service

Google has released an updated Chrome version “128.0.6613.113/.114” for Windows and Mac, and “128.0.6613.113” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access or cause a buffer overflow into the affected system by persuading the victim to visit a specially crafted Website. Sample of the addressed vulnerabilities:

Microsoft has released an updated Microsoft Edge Stable Channel (Version 128.0.2739.42) to address multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to gain elevated privileges, bypass security restrictions, execute buffer overflow attacks, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Microsoft Edge (Chromium-based) Buffer Overflow

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, execute SQL injection attacks, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Cisco

Google has released an updated Chrome version “128.0.6613.84/.85” for Windows and Mac, and version “128.0.6613.84” for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities:

Atlassian has released security updates to fix several vulnerabilities across multiple Atlassian products. The addressed vulnerabilities could allow the remote attacker to perform denial of service attacks, conduct cross-site request forgery and server-side request forgery attacks, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Atlassian Crowd

F5 has released security updates to address several vulnerabilities across multiple F5 products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, obtain a user’s session cookies, and continue to use that session to access BIG-IP Next Central Manager or gain access to the affected systems. Sample of the addressed vulnerabilities:

Palo Alto has released security updates to fix multiple vulnerabilities across several Palo Alto products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, conduct information disclosure, or execute arbitrary commands and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Palo Alto Cortex XSOAR Command Injection in CommonScripts Pack

Intel has released security updates to address several vulnerabilities across multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, conduct an information disclosure, perform denial of service attacks, obtain sensitive information, and gain access to the affected systems. Samples of the addressed vulnerabilities: 1. Intel® Ethernet Complete Driver Pack Escalation

Zoom has released security updates to fix several vulnerabilities across multiple Zoom products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, conduct an information disclosure via network access, or gain elevated privileges to the affected system by sending a specially crafted request. Sample of the addressed vulnerabilities: 1. Zoom Workplace

Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to perform cross-site scripting attacks, bypass the file integrity checking system, allow a read-write user to modify admin passwords via the device configuration backup, and perform OS command injection attacks to execute shell code as