Tag: 2024-05-15

3 Attack Reports | 132 Vulnerabilities

Attack reports

Ebury is alive but unseen: 400k Linux servers compromised for cryptotheft and financial gain

The Ebury malware gang is continuing to expand, with hundreds of thousands of servers compromised and used to steal cryptocurrency and credit card data, according to a paper published by ESET Research on 14 May 2024.

Published: May 15, 2024

Downloadable IOCs: 141

The Overlapping Cyber Strategies Of Transparent Tribe And SideCopy Against India

CRIL's analysis revealed SideCopy APT group's sophisticated malware campaign, employing malicious LNK files and a complex infection chain involving HTAs and loader DLLs to deploy malware like ReverseRAT and Action RAT. SideCopy targets Indian universities and government entities, suggesting potenti…

infection chain

Published: May 15, 2024

Downloadable IOCs: 21

Ongoing Malvertising Campaign leads to Ransomware

Rapid7 detected an ongoing malware distribution campaign involving trojanized installers of WinSCP and PuTTY, delivered via malicious search engine ads. The infection chain employs DLL side-loading, credential access, and deploys Sliver beacons followed by Cobalt Strike. In one case, the threat act…

Published: May 15, 2024

Downloadable IOCs: 78

Click here to see more Attack Reports

Vulnerabilities

CVE-2024-32888

Amazon JDBC Driver for Redshift

Published: May 15, 2024

CVE-2024-4893

DigiWin EasyFlow .NET

Published: May 15, 2024

CVE-2024-32047

CyberPower PowerPanel

Published: May 15, 2024

CVE-2024-32053

CyberPower PowerPanel

Published: May 15, 2024

CVE-2024-33625

CyberPower PowerPanel Business

Published: May 15, 2024

CVE-2024-34025

CyberPower PowerPanel business application

Published: May 15, 2024

CVE-2024-3319

Identity Security Cloud (ISC)

Identity Security Cloud

IdentityProfile

Published: May 15, 2024

CVE-2024-4847

WordPress Alt Text AI plugin

Alt Text AI plugin for WordPress

Published: May 15, 2024

CVE-2024-4010

Email Subscribers by Icegram Express plugin for WordPress

Published: May 15, 2024

CVE-2024-4670

All-in-One Video Gallery plugin for WordPress

Published: May 15, 2024

CVE-2024-31856

CyberPower PowerPanel

Published: May 15, 2024

CVE-2024-33615

CyberPower PowerPanel

Published: May 15, 2024

CVE-2024-34082

Grav

Grav

Published: May 15, 2024

CVE-2024-28042

PowerSYSTEM Center

Published: May 15, 2024

CVE-2023-6324

ThroughTek Kalay SDK

Published: May 15, 2024

CVE-2023-5938

Arc

Arc

Published: May 15, 2024

CVE-2024-30284

Acrobat Reader

Published: May 15, 2024

CVE-2024-30310

Acrobat Reader

Published: May 15, 2024

CVE-2024-34094

Acrobat Reader

Published: May 15, 2024

CVE-2024-34095

Acrobat Reader

Acrobat Reader

Published: May 15, 2024

CVE-2024-34096

Acrobat Reader

Acrobat Reader

Published: May 15, 2024

CVE-2024-34097

Acrobat Reader

Published: May 15, 2024

CVE-2024-34098

Acrobat Reader

Published: May 15, 2024

CVE-2024-34099

Acrobat Reader

Published: May 15, 2024

CVE-2024-34100

Acrobat Reader

Published: May 15, 2024

CVE-2023-5936

Arc

Arc

Published: May 15, 2024

CVE-2024-3483

OpenText iManager

Published: May 15, 2024

CVE-2024-3486

OpenText iManager

Published: May 15, 2024

CVE-2024-3968

OpenText iManager

Published: May 15, 2024

CVE-2024-20366

Cisco Crosswork Network Services Orchestrator (NSO)

Published: May 15, 2024

CVE-2024-4200

Progress Telerik Reporting

Published: May 15, 2024

CVE-2024-4202

Progress Telerik Reporting

Published: May 15, 2024

CVE-2024-31410

CyberPower PowerPanel

Published: May 15, 2024

CVE-2024-3967

OpenText iManager

Published: May 15, 2024

CVE-2023-5935

Arc

Published: May 15, 2024

CVE-2023-6321

Published: May 15, 2024

CVE-2023-6322

Roku Indoor Camera SE

Wyze Cam v3

Published: May 15, 2024

CVE-2024-3892

Telerik UI for WinForms

Telerik UI for WinForms

Published: May 15, 2024

CVE-2024-35179

Stalwart Mail Server

Published: May 15, 2024

CVE-2024-20391

Cisco Secure Client

Published: May 15, 2024

CVE-2024-27244

Zoom Workplace VDI App for Windows

Published: May 15, 2024

CVE-2024-3744

azure-file-csi-driver

Published: May 15, 2024

CVE-2024-3317

Identity Security Cloud (ISC)

Published: May 15, 2024

CVE-2024-4357

Progress Telerik Report Server

Published: May 15, 2024

CVE-2024-3182

Published: May 15, 2024

CVE-2024-31409

CyberPower PowerPanel

Published: May 15, 2024

CVE-2024-27243

Zoom Workplace Apps and SDK

Published: May 15, 2024

CVE-2024-4363

Visual Portfolio, Photo Gallery & Post Grid plugin for WordPress

Published: May 15, 2024

CVE-2024-4370

WPZOOM Addons for Elementor (Templates, Widgets) plugin

WPZOOM Addons for Elementor plugin

Published: May 15, 2024

CVE-2024-4373

Sina Extension for Elementor plugin for WordPress

Sina Extension for Elementor plugin

Published: May 15, 2024

CVE-2024-4618

Exclusive Addons for Elementor plugin for WordPress

Published: May 15, 2024

CVE-2024-4208

Gutenberg Blocks with AI by Kadence WP - Page Builder Features plugin for WordPress

Published: May 15, 2024

CVE-2024-4636

Image Optimization by Optimole plugin for WordPress

Image Optimization by Optimole WordPress plugin

Published: May 15, 2024

CVE-2024-4702

Mega Elements plugin for WordPress

Published: May 15, 2024

CVE-2024-2248

JFrog platform

JFrog platform

Published: May 15, 2024

CVE-2024-4903

Published: May 15, 2024

CVE-2024-4905

Kashipara College Management System

Published: May 15, 2024

CVE-2024-4906

Campcodes Complete Web-Based School Management System

Published: May 15, 2024

CVE-2024-4907

Campcodes Complete Web-Based School Management System

Published: May 15, 2024

CVE-2024-4908

Campcodes Complete Web-Based School Management System

Published: May 15, 2024

CVE-2024-4909

Campcodes Complete Web-Based School Management System

Published: May 15, 2024

CVE-2024-4904

Byzoro Smart S200 Management Platform

Published: May 15, 2024

CVE-2024-4910

Campcodes Complete Web-Based School Management System

Published: May 15, 2024

CVE-2024-4911

Campcodes Complete Web-Based School Management System

Published: May 15, 2024

CVE-2024-4912

Campcodes Online Examination System

Published: May 15, 2024

CVE-2024-4913

Campcodes Online Examination System

Published: May 15, 2024

CVE-2024-4914

Campcodes Online Examination System

Published: May 15, 2024

CVE-2024-4915

Campcodes Online Examination System

Published: May 15, 2024

CVE-2024-20258

Cisco Secure Email and Web Manager

Secure Email Gateway

Published: May 15, 2024

CVE-2024-20392

Cisco Secure Email Gateway

Published: May 15, 2024

CVE-2024-3484

OpenText iManager

Published: May 15, 2024

CVE-2024-3488

OpenText iManager

Published: May 15, 2024

CVE-2024-30311

Acrobat Reader

Published: May 15, 2024

CVE-2024-30312

Acrobat Reader

Acrobat Reader

Published: May 15, 2024

CVE-2024-34101

Acrobat Reader

Acrobat Reader

Published: May 15, 2024

CVE-2024-20394

Cisco AppDynamics Network Visibility Agent

Published: May 15, 2024

CVE-2024-35184

Paperless-ngx

Published: May 15, 2024

CVE-2024-3189

Gutenberg Blocks by Kadence Blocks - WordPress Plugin

Gutenberg Blocks by Kadence Blocks - Page Builder Features plugin for WordPress

Published: May 15, 2024

CVE-2024-4894

ITPison OMICARD EDM

Published: May 15, 2024

CVE-2024-3485

OpenText iManager

Published: May 15, 2024

CVE-2024-3970

OpenText iManager

OpenText™ iManager

Published: May 15, 2024

CVE-2024-4837

Progress Telerik Report Server

Progress Telerik Report Server

Published: May 15, 2024

CVE-2024-31216

source-controller

Published: May 15, 2024

CVE-2024-32042

CyberPower PowerPanel

Published: May 15, 2024

CVE-2023-7258

Gvisor Sandbox

Published: May 15, 2024

CVE-2024-20256

Cisco Secure Email and Web Manager

Cisco Secure Web Appliance

Published: May 15, 2024

CVE-2024-20257

Cisco Secure Email Gateway

Published: May 15, 2024

CVE-2024-20383

Cisco Crosswork NSO

Cisco Crosswork NSO CLI

Published: May 15, 2024

CVE-2024-20369

Cisco Crosswork Network Services Orchestrator (NSO)

Published: May 15, 2024

CVE-2024-4656

Import and export users and customers plugin for WordPress

WordPress Import and Export Users and Customers Plugin

Published: May 15, 2024

CVE-2024-4734

Import and export users and customers plugin for WordPress

Published: May 15, 2024

CVE-2024-35183

Published: May 15, 2024

CVE-2024-0437

Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease

Published: May 15, 2024

CVE-2024-4199

Bulk Posts Editing For WordPress plugin for WordPress

Bulk Posts Editing For WordPress plugin

Published: May 15, 2024

CVE-2023-6323

ThroughTek Kalay SDK

Published: May 15, 2024

CVE-2024-3318

DelimitedFileConnector Cloud Connector

Published: May 15, 2024

CVE-2023-5937

Arc

Arc configuration files on Windows systems

Published: May 15, 2024

CVE-2024-3487

OpenText iManager

Published: May 15, 2024

CVE-2024-35108

Published: May 15, 2024

CVE-2024-35109

Published: May 15, 2024

CVE-2024-3405

WP Prayer WordPress plugin

WP Prayer WordPress plugin

Published: May 15, 2024

CVE-2024-3406

WP Prayer WordPress plugin

Published: May 15, 2024

CVE-2024-3407

WP Prayer WordPress plugin

Published: May 15, 2024

CVE-2024-3548

WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin

Shortcodes Ultimate WordPress plugin

Published: May 15, 2024

CVE-2024-3629

HL Twitter WordPress plugin

Published: May 15, 2024

CVE-2024-3630

HL Twitter WordPress plugin

Published: May 15, 2024

CVE-2024-3631

HL Twitter WordPress plugin

Published: May 15, 2024

CVE-2024-3634

benaceur WordPress plugin

Published: May 15, 2024

CVE-2024-3748

SP Project & Document Manager WordPress plugin

Published: May 15, 2024

CVE-2024-3749

SP Project & Document Manager WordPress plugin

SP Project & Document Manager WordPress plugin

Published: May 15, 2024

CVE-2024-3822

Base64 Encoder/Decoder WordPress plugin

Published: May 15, 2024

CVE-2024-3823

Base64 Encoder/Decoder WordPress plugin

Base64 Encoder/Decoder WordPress plugin

Published: May 15, 2024

CVE-2024-3824

Base64 Encoder/Decoder WordPress plugin

Base64 Encoder/Decoder WordPress plugin

Published: May 15, 2024

CVE-2024-25078

Insyde InsydeH2O

InsydeH2O BIOS

Published: May 15, 2024

CVE-2024-25079

Insyde InsydeH2O

Published: May 15, 2024

CVE-2024-27353

Insyde InsydeH2O kernel

Insyde InsydeH2O

Published: May 15, 2024

CVE-2024-34954

Code-projects Budget Management

Published: May 15, 2024

CVE-2024-34955

Code-projects Budget Management

Published: May 15, 2024

CVE-2024-27593

Published: May 15, 2024

CVE-2024-28087

Bonitasoft Bonita Runtime

Bonitasoft runtime Community edition

Published: May 15, 2024

CVE-2024-4622

alpitronic Hypercharger EV charging devices

Published: May 15, 2024

CVE-2024-25743

Linux kernel

AMD SEV-SNP

Published: May 15, 2024

CVE-2024-35102

VITEC AvediaServer

Published: May 15, 2024

CVE-2023-40297

Stakater Forecastle

Published: May 15, 2024

CVE-2024-34906

Published: May 15, 2024

CVE-2024-34909

Published: May 15, 2024

CVE-2024-34913

r-pan-scaffolding

Published: May 15, 2024

CVE-2024-4947

Google Chrome

Published: May 15, 2024

CVE-2024-4948

Google Chrome

Published: May 15, 2024

CVE-2024-4949

Google Chrome

Published: May 15, 2024

CVE-2024-4950

Google Chrome

Published: May 15, 2024

CVE-2024-4976

Xpdf

Published: May 15, 2024

Click here to see more Vulnerabilities