Tag : 2024-06-10

5 attack reports | 142 vulnerabilities

Attack Reports

Title Published Tags Description Number of indicators
Dissecting SSLoad Malware: A Comprehensive Technical Analysis June 10, 2024, 3:48 p.m. This in-depth analysis explores the intricate inner workings of SSLoad, a stealthy and adaptable malware known for its sophisticated delivery methods and evasion techniques. The c… 7
New Updates to ValleyRAT June 10, 2024, 3:41 p.m. Zscaler ThreatLabz recently uncovered a new campaign used to deliver the latest iteration of ValleyRAT, a remote access trojan attributed to a China-based threat actor. The campai… 26
New Agent Tesla Campaign Targeting Spanish-Speaking People June 10, 2024, 11:24 a.m. This report analyzes a phishing campaign spreading a new Agent Tesla variant designed to infiltrate victims' computers and steal sensitive information like credentials, email cont… 6
Cybercriminals attack banking customers in EU with V3B phishing kit June 10, 2024, 11:20 a.m. An analysis reveals that a cybercriminal group is distributing sophisticated phishing kits to target banking customers in the European Union. These kits, designed to steal sensiti… 44
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment June 10, 2024, 11:03 a.m. This report details an intrusion that commenced with a spam campaign distributing a forked IcedID loader. After gaining initial access, the threat actor deployed ScreenConnect and… 33

Vulnerabilities

CVE CVSS Published Product impacted Source
CVE-2024-35746 10.0 June 10, 2024, 5:16 p.m. BuddyPress Cover audit@patchstack.com
CVE-2024-36412 10.0 June 10, 2024, 8:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-34762 9.9 June 10, 2024, 4:15 p.m. Advanced Custom Fields PRO audit@patchstack.com
CVE-2024-36408 9.6 June 10, 2024, 5:16 p.m. SuiteCRM security-advisories@github.com
CVE-2024-36409 9.6 June 10, 2024, 6:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-36410 9.6 June 10, 2024, 6:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-36411 9.6 June 10, 2024, 8:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-37051 9.3 June 10, 2024, 4:15 p.m. JetBrains IntelliJ IDEA cve@jetbrains.com
CVE-2024-36415 9.1 June 10, 2024, 8:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-35677 9.0 June 10, 2024, 4:15 p.m. MegaMenu audit@patchstack.com
CVE-2024-36413 8.9 June 10, 2024, 8:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-37166 8.9 June 10, 2024, 10:15 p.m. ghtml security-advisories@github.com
CVE-2024-35241 8.8 June 10, 2024, 10:15 p.m. Composer security-advisories@github.com
CVE-2024-35242 8.8 June 10, 2024, 10:15 p.m. Composer security-advisories@github.com
CVE-2024-35658 8.6 June 10, 2024, 4:15 p.m. ThemeHigh Checkout Field Editor for WooCommerce (Pro) audit@patchstack.com
CVE-2024-35743 8.6 June 10, 2024, 5:16 p.m. Siteclean SC filechecker audit@patchstack.com
CVE-2024-35744 8.6 June 10, 2024, 5:16 p.m. Upunzipper audit@patchstack.com
CVE-2024-36416 8.6 June 10, 2024, 8:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-34761 8.5 June 10, 2024, 4:15 p.m. Advanced Custom Fields PRO audit@patchstack.com
CVE-2024-36418 8.5 June 10, 2024, 9:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-5785 8.0 June 10, 2024, 1:15 p.m. Comtrend router WLD71-T1_v2.0.201820 cve-coordination@incibe.es
CVE-2024-5597 7.8 June 10, 2024, 5:16 p.m. Fuji Electric Monitouch V-SFT ics-cert@hq.dhs.gov
CVE-2024-32849 7.8 June 10, 2024, 10:15 p.m. Trend Micro Security (Consumer) security@trendmicro.com
CVE-2024-36302 7.8 June 10, 2024, 10:15 p.m. Trend Micro Apex One Security Agent security@trendmicro.com
CVE-2024-36303 7.8 June 10, 2024, 10:15 p.m. Trend Micro Apex One security agent security@trendmicro.com
CVE-2024-36304 7.8 June 10, 2024, 10:15 p.m. Trend Micro Apex One and Apex One as a Service agent security@trendmicro.com
CVE-2024-36305 7.8 June 10, 2024, 10:15 p.m. Trend Micro Apex One security@trendmicro.com
CVE-2024-36358 7.8 June 10, 2024, 10:15 p.m. Trend Micro Deep Security security@trendmicro.com
CVE-2024-37289 7.8 June 10, 2024, 10:15 p.m. Trend Micro Apex One security@trendmicro.com
CVE-2024-36414 7.7 June 10, 2024, 8:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-34800 7.6 June 10, 2024, 4:15 p.m. Crafthemes Demo Import audit@patchstack.com
CVE-2024-35745 7.5 June 10, 2024, 5:16 p.m. Strategery Migrations audit@patchstack.com
CVE-2024-35754 7.5 June 10, 2024, 5:16 p.m. Ovic Importer audit@patchstack.com
CVE-2024-5786 6.5 June 10, 2024, 1:15 p.m. Comtrend router WLD71-T1_v2.0.201820 cve-coordination@incibe.es
CVE-2024-35474 6.5 June 10, 2024, 4:15 p.m. iceice666 ResourcePack Server cve@mitre.org
CVE-2024-36306 6.1 June 10, 2024, 10:15 p.m. Trend Micro Apex One security@trendmicro.com
CVE-2024-28833 5.9 June 10, 2024, 12:15 p.m. Checkmk security@checkmk.com
CVE-2024-36405 5.9 June 10, 2024, 1:15 p.m. liboqs security-advisories@github.com
CVE-2024-22279 5.9 June 10, 2024, 8:15 p.m. Cloud Foundry security@vmware.com
CVE-2024-36417 5.7 June 10, 2024, 8:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-21751 5.4 June 10, 2024, 8:15 a.m. RabbitLoader audit@patchstack.com
CVE-2024-36406 5.4 June 10, 2024, 3:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-3850 5.4 June 10, 2024, 5:16 p.m. Uniview NVR301-04S2-P4 ics-cert@hq.dhs.gov
CVE-2024-36359 5.4 June 10, 2024, 10:15 p.m. Trend Micro InterScan Web Security Virtual Appliance (IWSVA) security@trendmicro.com
CVE-2024-22298 5.3 June 10, 2024, 8:15 a.m. TMS Amelia ameliabooking audit@patchstack.com
CVE-2024-23524 5.3 June 10, 2024, 8:15 a.m. PilotPress audit@patchstack.com
CVE-2024-35729 5.3 June 10, 2024, 8:15 a.m. Tickera audit@patchstack.com
CVE-2024-35735 5.3 June 10, 2024, 8:15 a.m. WP Time Slots Booking Form audit@patchstack.com
CVE-2024-35742 5.3 June 10, 2024, 8:15 a.m. Easy Forms for Mailchimp audit@patchstack.com
CVE-2024-4744 5.3 June 10, 2024, 8:15 a.m. iPages Flipbook audit@patchstack.com
CVE-2024-35680 5.3 June 10, 2024, 4:15 p.m. YITH WooCommerce Product Add-Ons audit@patchstack.com
CVE-2024-35728 5.3 June 10, 2024, 5:16 p.m. PPOM for WooCommerce audit@patchstack.com
CVE-2024-35747 5.3 June 10, 2024, 5:16 p.m. wpdevart Contact Form Builder audit@patchstack.com
CVE-2024-36473 5.3 June 10, 2024, 10:15 p.m. Trend Micro VPN Proxy One Pro security@trendmicro.com
CVE-2024-37168 5.3 June 10, 2024, 10:15 p.m. @grpc/grps-js security-advisories@github.com
CVE-2024-37169 5.3 June 10, 2024, 10:15 p.m. @jmondi/url-to-png security-advisories@github.com
CVE-2024-35650 4.9 June 10, 2024, 4:15 p.m. Melapress MelaPress Login Security audit@patchstack.com
CVE-2024-35712 4.9 June 10, 2024, 4:15 p.m. Database Cleaner audit@patchstack.com
CVE-2024-36307 4.7 June 10, 2024, 10:15 p.m. Trend Micro Apex One security@trendmicro.com
CVE-2024-4403 4.4 June 10, 2024, 3:15 p.m. parisneo/lollms-webui security@huntr.dev
CVE-2024-22296 4.3 June 10, 2024, 8:15 a.m. 12 Step Meeting List audit@patchstack.com
CVE-2024-35717 4.3 June 10, 2024, 8:15 a.m. Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow audit@patchstack.com
CVE-2024-35720 4.3 June 10, 2024, 8:15 a.m. Album Gallery - WordPress Gallery audit@patchstack.com
CVE-2024-35721 4.3 June 10, 2024, 8:15 a.m. Image Gallery - Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery audit@patchstack.com
CVE-2024-35722 4.3 June 10, 2024, 8:15 a.m. WP Life Slider Responsive Slideshow audit@patchstack.com
CVE-2024-35723 4.3 June 10, 2024, 8:15 a.m. Dashboard To-Do List audit@patchstack.com
CVE-2024-35724 4.3 June 10, 2024, 8:15 a.m. Bosa Elementor Addons and Templates for WooCommerce audit@patchstack.com
CVE-2024-35725 4.3 June 10, 2024, 8:15 a.m. LA-Studio Element Kit for Elementor audit@patchstack.com
CVE-2024-35726 4.3 June 10, 2024, 8:15 a.m. ThemeKraft WooBuddy audit@patchstack.com
CVE-2024-35727 4.3 June 10, 2024, 8:15 a.m. Extra Product Options for WooCommerce audit@patchstack.com
CVE-2024-35741 4.3 June 10, 2024, 8:15 a.m. Awesome Support audit@patchstack.com
CVE-2024-4745 4.3 June 10, 2024, 8:15 a.m. Giveaways and Contests by RafflePress audit@patchstack.com
CVE-2024-4746 4.3 June 10, 2024, 8:15 a.m. Netgsm audit@patchstack.com
CVE-2024-36419 4.3 June 10, 2024, 10:15 p.m. SuiteCRM security-advisories@github.com
CVE-2024-4328 4.0 June 10, 2024, 8:15 a.m. parisneo/lollms-webui security@huntr.dev
CVE-2024-35749 3.7 June 10, 2024, 5:16 p.m. Acurax Under Construction / Maintenance Mode audit@patchstack.com
CVE-2024-36407 3.7 June 10, 2024, 5:16 p.m. SuiteCRM security-advisories@github.com
CVE-2024-37880 None June 10, 2024, 2:15 a.m. Kyber reference implementation cve@mitre.org
CVE-2024-36971 None June 10, 2024, 9:15 a.m. Linux kernel 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVE-2024-1228 None June 10, 2024, 12:15 p.m. Eurosoft Przychodnia cvd@cert.pl
CVE-2024-3699 None June 10, 2024, 12:15 p.m. drEryk Gabinet cvd@cert.pl
CVE-2024-3700 None June 10, 2024, 12:15 p.m. Estomed Sp. z o.o. Simple Care software cvd@cert.pl
CVE-2022-45168 None June 10, 2024, 3:15 p.m. LIVEBOX Collaboration vDesk cve@mitre.org
CVE-2022-45176 None June 10, 2024, 3:15 p.m. LIVEBOX Collaboration vDesk cve@mitre.org
CVE-2024-35304 None June 10, 2024, 3:15 p.m. Pandora FMS security@pandorafms.com
CVE-2024-35305 None June 10, 2024, 3:15 p.m. Pandora FMS security@pandorafms.com
CVE-2024-35306 None June 10, 2024, 3:15 p.m. Pandora FMS security@pandorafms.com
CVE-2024-35307 None June 10, 2024, 3:15 p.m. Pandora FMS security@pandorafms.com
CVE-2024-36528 None June 10, 2024, 3:15 p.m. nukeviet cve@mitre.org
CVE-2024-36531 None June 10, 2024, 3:15 p.m. nukeviet cve@mitre.org
CVE-2024-36972 None June 10, 2024, 3:15 p.m. Linux kernel 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVE-2024-26507 None June 10, 2024, 4:15 p.m. FinalWire AIRDA Extreme cve@mitre.org
CVE-2024-31613 None June 10, 2024, 4:15 p.m. BOSSCMS cve@mitre.org
CVE-2024-34332 None June 10, 2024, 4:15 p.m. SiSoftware SANDRA cve@mitre.org
CVE-2024-31611 None June 10, 2024, 5:16 p.m. SeaCMS cve@mitre.org
CVE-2024-5102 None June 10, 2024, 5:16 p.m. Avast Antivirus security@nortonlifelock.com
CVE-2024-31612 None June 10, 2024, 6:15 p.m. Emlog cve@mitre.org
CVE-2022-32897 None June 10, 2024, 8:15 p.m. macOS product-security@apple.com
CVE-2022-32933 None June 10, 2024, 8:15 p.m. macOS product-security@apple.com
CVE-2022-48578 None June 10, 2024, 8:15 p.m. macOS product-security@apple.com
CVE-2022-48683 None June 10, 2024, 8:15 p.m. macOS Ventura product-security@apple.com
CVE-2023-40389 None June 10, 2024, 8:15 p.m. macOS Ventura product-security@apple.com
CVE-2024-23299 None June 10, 2024, 8:15 p.m. macOS product-security@apple.com
CVE-2024-27792 None June 10, 2024, 8:15 p.m. macOS product-security@apple.com
CVE-2024-32167 None June 10, 2024, 8:15 p.m. Sourcecodester Online Medicine Ordering System cve@mitre.org
CVE-2024-37014 None June 10, 2024, 8:15 p.m. Langflow cve@mitre.org
CVE-2024-37393 None June 10, 2024, 8:15 p.m. SecurEnvoy MFA cve@mitre.org
CVE-2024-23251 None June 10, 2024, 9:15 p.m. macOS product-security@apple.com
CVE-2024-23282 None June 10, 2024, 9:15 p.m. macOS Sonoma product-security@apple.com
CVE-2024-27799 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27800 None June 10, 2024, 9:15 p.m. macOS Monterey product-security@apple.com
CVE-2024-27801 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27802 None June 10, 2024, 9:15 p.m. macOS Monterey product-security@apple.com
CVE-2024-27805 None June 10, 2024, 9:15 p.m. macOS Monterey product-security@apple.com
CVE-2024-27806 None June 10, 2024, 9:15 p.m. macOS Monterey product-security@apple.com
CVE-2024-27807 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27808 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27811 None June 10, 2024, 9:15 p.m. macOS product-security@apple.com
CVE-2024-27812 None June 10, 2024, 9:15 p.m. visionOS product-security@apple.com
CVE-2024-27814 None June 10, 2024, 9:15 p.m. watchOS product-security@apple.com
CVE-2024-27815 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27817 None June 10, 2024, 9:15 p.m. Apple macOS product-security@apple.com
CVE-2024-27819 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27820 None June 10, 2024, 9:15 p.m. macOS Sonoma product-security@apple.com
CVE-2024-27828 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27830 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27831 None June 10, 2024, 9:15 p.m. macOS Monterey product-security@apple.com
CVE-2024-27832 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27833 None June 10, 2024, 9:15 p.m. Apple iOS product-security@apple.com
CVE-2024-27836 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27838 None June 10, 2024, 9:15 p.m. macOS Sonoma product-security@apple.com
CVE-2024-27840 None June 10, 2024, 9:15 p.m. macOS Monterey product-security@apple.com
CVE-2024-27844 None June 10, 2024, 9:15 p.m. macOS Sonoma product-security@apple.com
CVE-2024-27845 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27848 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27850 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27851 None June 10, 2024, 9:15 p.m. macOS product-security@apple.com
CVE-2024-27855 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27857 None June 10, 2024, 9:15 p.m. iOS product-security@apple.com
CVE-2024-27885 None June 10, 2024, 9:15 p.m. macOS product-security@apple.com
CVE-2024-33850 None June 10, 2024, 9:15 p.m. Pexip Infinity cve@mitre.org
CVE-2024-36471 None June 10, 2024, 10:15 p.m. Apache Allura security@apache.org