Today > 1 Critical | 6 High | 24 Medium vulnerabilities - You can now download lists of IOCs here!

Tag: 2024-09-25

5 attack reports | 158 vulnerabilities

Attack reports

Analysis of the BlackJack group: techniques, tools, and similarities with Twelve

The report examines the BlackJack hacktivist group targeting Russian organizations, focusing on their tools, techniques, and connections to the Twelve group. BlackJack employs freely available software like the Shamoon wiper and LockBit ransomware. Significant overlaps with Twelve include similar m…

Published: September 25, 2024

Downloadable IOCs 1

SilentSelfie: Revealing a major campaign against Kurdish websites

A large-scale cyber espionage campaign targeting Kurdish websites was uncovered, involving 25 compromised sites using four variants of malicious scripts. The attacks ranged from simple location tracking to prompting users to install malicious Android apps. Despite lacking sophisticated techniques, …

cyber espionage

android malware

location tracking

Published: September 25, 2024

Downloadable IOCs 0

European Banks Already Under Attack by New Malware Variant

A new version of the Octo malware, named Octo2, has emerged as a significant threat to European banks. This variant builds upon the capabilities of its predecessor, which was already a dominant force in mobile malware. Octo2 features improved remote access capabilities, sophisticated obfuscation te…

Published: September 25, 2024

Downloadable IOCs 0

Threat Actors leverage Docker Swarm and Kubernetes to mine cryptocurrency at scale

A new cryptojacking campaign targeting Docker Engine API has been discovered, with the ability to move laterally to Docker Swarm, Kubernetes, and SSH servers. The attackers exploit exposed Docker API endpoints to deploy cryptocurrency miners and additional malicious payloads. They utilize Docker Hu…

container security

Published: September 25, 2024

Downloadable IOCs 41

Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz

Unit42 explores Sniper Dz, a popular phishing-as-a-service (PhaaS) platform targeting social media and online services. Over 140,000 phishing websites associated with Sniper Dz were identified in the past year. The platform offers an admin panel with phishing page catalogs, allowing users to host o…

credential theft

victim tracking

Published: September 25, 2024

Downloadable IOCs 7

» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-8436

WP Easy Gallery

Published: September 25, 2024

CVE-2023-26686

CS-Cart MultiVendor

Published: September 25, 2024

CVE-2023-26689

CS-Cart MultiVendor

Published: September 25, 2024

CVE-2024-42505

Aruba's Access Point

Published: September 25, 2024

CVE-2024-42506

Aruba Access Points

Published: September 25, 2024

CVE-2024-42507

Aruba Access Points

Published: September 25, 2024

CVE-2024-42797

Kashipara Music Management System

Published: September 25, 2024

CVE-2024-43423

ProGauge MAGLINK LX4 CONSOLE

Published: September 25, 2024

CVE-2024-43692

ProGauge MAGLINK LX CONSOLE

Published: September 25, 2024

CVE-2024-43693

ProGauge MAGLINK LX CONSOLE

Published: September 25, 2024

CVE-2024-45066

ProGauge MAGLINK LX CONSOLE IP

Published: September 25, 2024

CVE-2024-46612

Published: September 25, 2024

CVE-2024-46957

mellium.im/xmpp

Published: September 25, 2024

CVE-2024-8877

Riello Netman 204

Published: September 25, 2024

CVE-2024-8878

Published: September 25, 2024

CVE-2024-8940

Published: September 25, 2024

CVE-2024-9142

Olgu Computer Systems e-Belediye

Published: September 25, 2024

CVE-2024-8485

WordPress REST API TO MiniProgram plugin

Published: September 25, 2024

CVE-2024-8275

The Events Calendar plugin for WordPress

Published: September 25, 2024

CVE-2024-7575

Telerik UI for WPF

Published: September 25, 2024

CVE-2024-7576

Progress Telerik UI for WPF

Published: September 25, 2024

CVE-2024-47078

Published: September 25, 2024

CVE-2024-8067

Published: September 25, 2024

CVE-2024-20510

Published: September 25, 2024

CVE-2024-6592

WatchGuard Authentication Gateway

Published: September 25, 2024

CVE-2024-6593

WatchGuard Authentication Gateway

Published: September 25, 2024

CVE-2023-26687

CS-Cart MultiVendor

Published: September 25, 2024

CVE-2023-26690

CS-Cart MultiVendor

Published: September 25, 2024

CVE-2024-45373

ProGauge MAGLINK LX4 CONSOLE

Published: September 25, 2024

CVE-2024-9120

Google Chrome

Published: September 25, 2024

CVE-2024-9121

Google Chrome

Published: September 25, 2024

CVE-2024-9122

Google Chrome

Published: September 25, 2024

CVE-2024-8290

WCFM - Frontend Manager for WooCommerce

Published: September 25, 2024

CVE-2024-7479

TeamViewer Remote Client

Published: September 25, 2024

CVE-2024-7481

TeamViewer Remote Clients

Published: September 25, 2024

CVE-2024-20437

Cisco IOS XE Software

Published: September 25, 2024

CVE-2024-46489

Published: September 25, 2024

CVE-2024-47305

use_any_font

Published: September 25, 2024

CVE-2024-47315

Published: September 25, 2024

CVE-2024-30128

HCL Nomad server on Domino

Published: September 25, 2024

CVE-2024-20455

Cisco IOS XE Software

Published: September 25, 2024

CVE-2024-20464

Cisco IOS XE Software

Published: September 25, 2024

CVE-2024-20467

Published: September 25, 2024

CVE-2024-20480

Published: September 25, 2024

CVE-2024-21545

Proxmox Virtual Environment

Published: September 25, 2024

CVE-2024-8942

Published: September 25, 2024

CVE-2021-38963

Published: September 25, 2024

CVE-2024-46461

VLC media player

Published: September 25, 2024

CVE-2024-44678

Gigastone TR1 Travel Router R101

Published: September 25, 2024

CVE-2024-47082

Published: September 25, 2024

CVE-2024-7679

Progress Telerik UI for WinForms

Published: September 25, 2024

CVE-2024-8316

Telerik UI for WPF

Published: September 25, 2024

CVE-2024-8975

Published: September 25, 2024

CVE-2024-8996

Published: September 25, 2024

CVE-2024-46607

Published: September 25, 2024

CVE-2022-43845

Published: September 25, 2024

CVE-2023-5359

W3 Total Cache plugin for WordPress

Published: September 25, 2024

CVE-2024-39928

Apache Linkis

Published: September 25, 2024

CVE-2024-46609

Published: September 25, 2024

CVE-2024-46610

Published: September 25, 2024

CVE-2024-46935

Rocket.Chat

Published: September 25, 2024

CVE-2024-46936

Rocket.Chat

Published: September 25, 2024

CVE-2024-8497

Franklin Fueling Systems TS-550 EVO

Published: September 25, 2024

CVE-2024-8484

WordPress MiniProgram plugin

Published: September 25, 2024

CVE-2024-8175

Published: September 25, 2024

CVE-2024-31145

Xen Hypervisor

Published: September 25, 2024

CVE-2024-31146

Xen Hypervisor

Published: September 25, 2024

CVE-2024-6594

WatchGuard Single Sign-On Client

Published: September 25, 2024

CVE-2024-22892

Published: September 25, 2024

CVE-2024-22893

Published: September 25, 2024

CVE-2024-44825

InVesalius3

Published: September 25, 2024

CVE-2024-20350

Cisco Catalyst Center

Published: September 25, 2024

CVE-2024-20433

Cisco IOS XE Software

Published: September 25, 2024

CVE-2024-20436

Cisco IOS XE Software

Published: September 25, 2024

CVE-2024-41708

ada_web_services

Published: September 25, 2024

CVE-2024-47083

power_platform_terraform_provider

Published: September 25, 2024

CVE-2024-8481

Special Text Boxes plugin for WordPress

Published: September 25, 2024

CVE-2024-45750

TheGreenBow VPN Client for Windows

Published: September 25, 2024

CVE-2023-26691

CS-Cart MultiVendor

Published: September 25, 2024

CVE-2024-8914

Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin for WordPress

Published: September 25, 2024

CVE-2024-8349

Uncanny Groups for LearnDash plugin for WordPress

Published: September 25, 2024

CVE-2024-7385

WordPress Simple HTML Sitemap plugin

Published: September 25, 2024

CVE-2024-8514

Prisna GWT – Google Website Translator plugin for WordPress

Published: September 25, 2024

CVE-2024-9123

Google Chrome

Published: September 25, 2024

CVE-2024-43959

Themepoints Testimonials

Published: September 25, 2024

CVE-2024-38324

IBM Storage Defender

Published: September 25, 2024

CVE-2024-8483

MAS Static Content plugin for WordPress

Published: September 25, 2024

CVE-2024-8621

Daily Prayer Time plugin for WordPress

Published: September 25, 2024

CVE-2024-6512

Devolutions Server

Published: September 25, 2024

CVE-2024-20414

Cisco IOS XE Software

Published: September 25, 2024

CVE-2024-20508

unified_threat_defense_snort_intrusion_prevention_system_engine

Published: September 25, 2024

CVE-2024-41445

mdf_library

Published: September 25, 2024

CVE-2024-8267

Radio Player - Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin

Published: September 25, 2024

CVE-2024-46485

dingfanzu CMS

Published: September 25, 2024

CVE-2024-41725

ProGauge MAGLINK LX CONSOLE

Published: September 25, 2024

CVE-2024-46934

Rocket.Chat

Published: September 25, 2024

CVE-2024-9148

Published: September 25, 2024

CVE-2024-7617

Contact Form to Any API plugin for WordPress

Published: September 25, 2024

CVE-2024-8549

Simple Calendar - Google Calendar Plugin for WordPress

Published: September 25, 2024

CVE-2024-8713

Kodex Posts likes plugin for WordPress

Published: September 25, 2024

CVE-2024-8741

Beam me up Scotty – Back to Top Button plugin for WordPress

Published: September 25, 2024

CVE-2024-3866

Ninja Forms Contact Form plugin for WordPress

Published: September 25, 2024

CVE-2024-45613

Published: September 25, 2024

CVE-2024-20496

Cisco SD-WAN vEdge Software

Published: September 25, 2024

CVE-2024-46655

Published: September 25, 2024

CVE-2024-20465

Published: September 25, 2024

CVE-2024-9169

LiteSpeed Cache plugin for WordPress

Published: September 25, 2024

CVE-2024-7421

Devolutions Remote Desktop Manager

Published: September 25, 2024

CVE-2024-46488

Published: September 25, 2024

CVE-2023-26688

CS-Cart MultiVendor

Published: September 25, 2024

CVE-2024-47048

Rocket.Chat

Published: September 25, 2024

CVE-2024-7398

Concrete CMS

Published: September 25, 2024

CVE-2024-8103

WP Category Dropdown plugin for WordPress

Published: September 25, 2024

CVE-2024-8917

AnWP Football Leagues plugin for WordPress

Published: September 25, 2024

CVE-2024-8919

Confetti Fall Animation plugin for WordPress

Published: September 25, 2024

CVE-2024-9141

Published: September 25, 2024

CVE-2024-9024

Material Design Icons plugin for WordPress

Published: September 25, 2024

CVE-2024-9027

WPZOOM Shortcodes plugin for WordPress

Published: September 25, 2024

CVE-2024-9028

WP GPX Maps plugin for WordPress

Published: September 25, 2024

CVE-2024-9068

OneElements - Best Elementor Addons plugin for WordPress

Published: September 25, 2024

CVE-2024-9069

Graphicsly – The ultimate graphics plugin

Published: September 25, 2024

CVE-2024-9073

GutenGeek Free Gutenberg Blocks for WordPress plugin

Published: September 25, 2024

CVE-2024-8515

Themesflat Addons For Elementor plugin for WordPress

Published: September 25, 2024

CVE-2024-8668

ShopLentor - WooCommerce Builder for Elementor & Gutenberg

Published: September 25, 2024

CVE-2024-47303

Livemesh Addons for Elementor

Published: September 25, 2024

CVE-2024-8858

Elementor Addons by Livemesh plugin for WordPress

Published: September 25, 2024

CVE-2024-8546

ElementsKit Elementor addons plugin for WordPress

Published: September 25, 2024

CVE-2024-20475

catalyst_sd-wan_manager

Published: September 25, 2024

CVE-2023-51157

Published: September 25, 2024

CVE-2024-8941

Published: September 25, 2024

CVE-2024-7426

Community by PeepSo - Social Network, Membership, Registration, User Profiles plugin for WordPress

Published: September 25, 2024

CVE-2024-7491

HUSKY - Products Filter Professional for WooCommerce plugin for WordPress

Published: September 25, 2024

CVE-2024-6845

Chatbot with ChatGPT WordPress plugin

Published: September 25, 2024

CVE-2024-8658

myCred plugin for WordPress and WooCommerce

Published: September 25, 2024

CVE-2024-8678

Revolut Gateway for WooCommerce plugin for WordPress

Published: September 25, 2024

CVE-2024-40761

Apache Answer

Published: September 25, 2024

CVE-2024-43237

TaxoPress WordPress Tag Cloud Plugin - Tag Groups

Published: September 25, 2024

CVE-2024-43990

StylemixThemes Masterstudy LMS Starter

Published: September 25, 2024

CVE-2024-8291

Concrete CMS

Published: September 25, 2024

CVE-2024-7878

WP ULike WordPress plugin

Published: September 25, 2024

CVE-2024-46600

dingfanzu CMS

Published: September 25, 2024

CVE-2024-8437

WP Easy Gallery - WordPress Gallery Plugin

Published: September 25, 2024

CVE-2024-8801

Happy Addons for Elementor plugin for WordPress

Published: September 25, 2024

CVE-2024-6590

Spreadsheet Integration plugin for WordPress

Published: September 25, 2024

CVE-2024-7386

Premium Packages – Sell Digital Products Securely plugin for WordPress

Published: September 25, 2024

CVE-2024-8434

Easy Mega Menu Plugin for WordPress - ThemeHunk

Published: September 25, 2024

CVE-2024-8476

Easy PayPal Events plugin for WordPress

Published: September 25, 2024

CVE-2024-8516

Themesflat Addons For Elementor plugin

Published: September 25, 2024

CVE-2024-7892

adstxt Plugin WordPress plugin

Published: September 25, 2024

CVE-2024-8910

HT Mega - Absolute Addons For Elementor plugin for WordPress

Published: September 25, 2024

CVE-2024-20434

Cisco IOS XE Software

Published: September 25, 2024

CVE-2024-45599

Published: September 25, 2024

CVE-2023-25189

Published: September 25, 2024

CVE-2024-8350

Uncanny Groups for LearnDash plugin for WordPress

Published: September 25, 2024

CVE-2024-9063

Published: September 25, 2024

CVE-2024-23454

Apache Hadoop

Published: September 25, 2024

CVE-2024-45817

Xen Hypervisor

Published: September 25, 2024

CVE-2024-4657

Talent Software BAP Automation

Published: September 25, 2024

» Click here to see all Vulnerabilities «