Today > vulnerabilities - You can now download lists of IOCs here!

Tag: 2024-11-14

5 attack reports | 147 vulnerabilities

Attack reports

Financially Motivated Chinese Threat Actor SilkSpecter Targeting Black Friday Shoppers

A Chinese financially motivated threat actor, dubbed SilkSpecter, has been uncovered targeting e-commerce shoppers in Europe and USA with a phishing campaign leveraging Black Friday discounts. The actor uses fake discounted products as lures to steal Cardholder Data, Sensitive Authentication Data, …

financial fraud

chinese threat actor

google translate

Published: November 14, 2024

Downloadable IOCs 13

Malware Spotlight: A Deep-Dive Analysis of WezRat

Check Point Research provides a comprehensive analysis of WezRat, a custom modular infostealer attributed to the Iranian cyber group Emennet Pasargad. The malware has been active for over a year, targeting organizations in multiple countries. WezRat's capabilities include executing commands, taking…

Published: November 14, 2024

Downloadable IOCs 0

The State of Cloud Ransomware in 2024

Cloud ransomware attacks are evolving, primarily targeting storage services like Amazon S3 and Azure Blob Storage. Attackers exploit misconfigurations or use stolen credentials to access and encrypt data. Cloud service providers have implemented security measures, such as AWS's 7-day key deletion w…

data exfiltration

cloud ransomware

web application attacks

identity management

Published: November 14, 2024

Downloadable IOCs 0

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

A newly discovered vulnerability in Windows NT LAN Manager (NTLM) has been exploited by suspected Russian hackers in cyber attacks against Ukraine. The flaw, identified as CVE-2024-43451, allows attackers to steal NTLMv2 hashes through minimal user interaction with malicious files. The exploit chai…

Published: November 14, 2024

Downloadable IOCs 24

PHP Reinfector and Backdoor Malware Target WordPress Sites

A sophisticated PHP reinfector and backdoor malware is targeting WordPress websites, infecting plugin files and database tables. The malware reinfects active plugins, manipulates wp_options and wp_posts tables, and creates malicious admin users. It utilizes WordPress's cron system to maintain contr…

database manipulation

backdoor malware

persistent threat

plugin infection

Published: November 14, 2024

Downloadable IOCs 0

» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-52372

WebTechGlobal Easy CSV Importer BETA

Published: November 14, 2024

CVE-2024-52373

Devexhub Gallery

Published: November 14, 2024

CVE-2024-52374

Do That Task

Published: November 14, 2024

CVE-2024-52375

Datasets Manager by Arttia Creative

Published: November 14, 2024

CVE-2024-52376

cmsMinds Boat Rental Plugin for WordPress

Published: November 14, 2024

CVE-2024-52377

BdThemes Instant Image Generator

Published: November 14, 2024

CVE-2024-52379

kineticPay for WooCommerce

Published: November 14, 2024

CVE-2024-52380

Softpulse Infotech Picsmize

Published: November 14, 2024

CVE-2024-48966

Published: November 14, 2024

CVE-2024-48967

Published: November 14, 2024

CVE-2024-52384

Sage AI: Chatbots

Published: November 14, 2024

CVE-2024-52369

Published: November 14, 2024

CVE-2024-52370

Hive Support - WordPress Help Desk

Published: November 14, 2024

CVE-2024-10571

Chartify - WordPress Chart Plugin

Published: November 14, 2024

CVE-2024-50833

KASHIPARA E-learning Management System Project

Published: November 14, 2024

CVE-2024-4343

imartinez/privategpt

Published: November 14, 2024

CVE-2024-50823

kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-52382

Medma Technologies Matix Popup Builder

Published: November 14, 2024

CVE-2024-31695

Binance: BTC, Crypto and NFTS

Published: November 14, 2024

CVE-2024-9832

Published: November 14, 2024

CVE-2024-9834

Baxter Ventilator

Published: November 14, 2024

CVE-2024-48970

Published: November 14, 2024

CVE-2024-48971

Published: November 14, 2024

CVE-2024-48973

Published: November 14, 2024

CVE-2024-48974

Published: November 14, 2024

CVE-2024-50306

Apache Traffic Server

Published: November 14, 2024

CVE-2024-37285

Published: November 14, 2024

CVE-2024-52393

Podlove Podcast Publisher

Published: November 14, 2024

CVE-2024-10979

Published: November 14, 2024

CVE-2024-10962

WPvivid plugin for WordPress

Published: November 14, 2024

CVE-2024-41209

Published: November 14, 2024

CVE-2024-49777

Published: November 14, 2024

CVE-2024-49778

Published: November 14, 2024

CVE-2024-9186

Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin

Published: November 14, 2024

CVE-2024-52371

DonnellC Global Gateway e4 | Payeezy Gateway

Published: November 14, 2024

CVE-2024-9693

Published: November 14, 2024

CVE-2024-3379

Published: November 14, 2024

CVE-2024-3501

Published: November 14, 2024

CVE-2024-3502

Published: November 14, 2024

CVE-2024-52381

Published: November 14, 2024

CVE-2024-52308

Published: November 14, 2024

CVE-2022-31666

Published: November 14, 2024

CVE-2022-31670

Published: November 14, 2024

CVE-2024-49362

Joplin-desktop

Published: November 14, 2024

CVE-2024-11206

Published: November 14, 2024

CVE-2024-38479

Apache Traffic Server

Published: November 14, 2024

CVE-2024-45253

Published: November 14, 2024

CVE-2024-45254

Published: November 14, 2024

CVE-2024-47915

Published: November 14, 2024

CVE-2024-47916

Boa web server

Published: November 14, 2024

CVE-2024-50305

Apache Traffic Server

Published: November 14, 2024

CVE-2022-2232

Published: November 14, 2024

CVE-2024-52378

Labs64 DigiPass

Published: November 14, 2024

CVE-2024-52383

KCT Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One

Published: November 14, 2024

CVE-2024-3760

lunary-ai/lunary

Published: November 14, 2024

CVE-2024-50968

itsourcecode Agri-Trading Online Shopping System

Published: November 14, 2024

CVE-2022-31668

Published: November 14, 2024

CVE-2022-31671

Published: November 14, 2024

CVE-2024-7730

Published: November 14, 2024

CVE-2024-6068

Published: November 14, 2024

CVE-2024-5125

parisneo/lollms-webui

Published: November 14, 2024

CVE-2024-50832

kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-50834

KASHIPARA E-learning Management System Project

Published: November 14, 2024

CVE-2024-50835

KASHIPARA E-learning Management System Project

Published: November 14, 2024

CVE-2024-50824

Kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-50825

kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-50826

kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-50827

kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-50828

kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-50829

Kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-50830

kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-50831

kashipara E-learning Management System Project

Published: November 14, 2024

CVE-2024-51688

FraudLabs Pro SMS Verification

Published: November 14, 2024

CVE-2024-51684

Published: November 14, 2024

CVE-2024-51687

Platform.Ly Official

Published: November 14, 2024

CVE-2024-51658

WP Course Manager

Published: November 14, 2024

CVE-2024-51659

Published: November 14, 2024

CVE-2024-51679

Appointmind

Published: November 14, 2024

CVE-2024-7404

Published: November 14, 2024

CVE-2024-10921

MongoDB Server

Published: November 14, 2024

CVE-2023-34049

Published: November 14, 2024

CVE-2024-11215

Published: November 14, 2024

CVE-2024-41206

Published: November 14, 2024

CVE-2024-41217

Published: November 14, 2024

CVE-2024-49776

Published: November 14, 2024

CVE-2022-31667

Published: November 14, 2024

CVE-2022-31669

Published: November 14, 2024

CVE-2024-11209

Published: November 14, 2024

CVE-2024-11212

SourceCodester Best Employee Management System

Published: November 14, 2024

CVE-2024-8648

Published: November 14, 2024

CVE-2024-3447

Published: November 14, 2024

CVE-2024-45670

IBM Security SOAR

Published: November 14, 2024

CVE-2023-4134

Linux kernel

Published: November 14, 2024

CVE-2017-13227

Published: November 14, 2024

CVE-2024-52613

Published: November 14, 2024

CVE-2024-10146

Simple File List WordPress plugin

Published: November 14, 2024

CVE-2024-8180

Published: November 14, 2024

CVE-2024-50839

KASHIPARA E-learning Management System Project

Published: November 14, 2024

CVE-2024-50840

KASHIPARA E-learning Management System Project

Published: November 14, 2024

CVE-2024-50841

KASHIPARA E-learning Management System pProject

Published: November 14, 2024

CVE-2024-50842

KASHIPARA E-learning Management System Project

Published: November 14, 2024

CVE-2024-11210

Published: November 14, 2024

CVE-2024-50837

KASHIPARA E-learning Management System Project

Published: November 14, 2024

CVE-2024-50838

Published: November 14, 2024

CVE-2024-52505

matrix-appservice-irc

Published: November 14, 2024

CVE-2024-4311

zenml-io/zenml

Published: November 14, 2024

CVE-2024-49025

Microsoft Edge (Chromium-based)

Published: November 14, 2024

CVE-2024-40579

Virtuozzo Hybrid Server for WHMCS Open Source

Published: November 14, 2024

CVE-2024-45642

linux_kernel

Published: November 14, 2024

CVE-2024-50843

PHPGurukul User Registration & Login and User Management System

Published: November 14, 2024

CVE-2024-39707

InsydeH2O UEFI BIOS

Published: November 14, 2024

CVE-2024-52396

Published: November 14, 2024

CVE-2024-50836

KASHIPARA E-learning Management System Project

Published: November 14, 2024

CVE-2024-48284

PHPGurukul User Registration & Login and User Management System

Published: November 14, 2024

CVE-2024-11211

Published: November 14, 2024

CVE-2024-11213

SourceCodester Best Employee Management System

Published: November 14, 2024

CVE-2024-11214

SourceCodester Best Employee Management System

Published: November 14, 2024

CVE-2024-51156

Published: November 14, 2024

CVE-2024-47914

Published: November 14, 2024

CVE-2024-11207

Published: November 14, 2024

CVE-2024-1682

Published: November 14, 2024

CVE-2024-10976

Published: November 14, 2024

CVE-2024-10978

Published: November 14, 2024

CVE-2023-4458

Linux Kernel

Published: November 14, 2024

CVE-2024-11208

Published: November 14, 2024

CVE-2024-42188

HCL Connections

Published: November 14, 2024

CVE-2024-45099

linux_kernel

Published: November 14, 2024

CVE-2024-10977

Published: November 14, 2024

CVE-2024-9633

Published: November 14, 2024

CVE-2024-5083

Sonatype Nexus Repository

Published: November 14, 2024

CVE-2024-5082

Sonatype Nexus Repository

Published: November 14, 2024

CVE-2024-7787

ITG Computer Technology vSRM Supplier Relationship Management System

Published: November 14, 2024

CVE-2024-2550

Palo Alto Networks PAN-OS software

Published: November 14, 2024

CVE-2024-2551

Palo Alto Networks PAN-OS

Published: November 14, 2024

CVE-2024-2552

Palo Alto Networks PAN-OS software

Published: November 14, 2024

CVE-2024-5917

Published: November 14, 2024

CVE-2024-5918

Palo Alto Networks PAN-OS

Published: November 14, 2024

CVE-2024-5919

Palo Alto Networks PAN-OS

Published: November 14, 2024

CVE-2024-5920

Palo Alto Networks PAN-OS

Published: November 14, 2024

CVE-2024-9472

Palo Alto Networks PAN-OS

Published: November 14, 2024

CVE-2024-7124

DInGO dLibra software

Published: November 14, 2024

CVE-2024-11136

TCL Camera application

Published: November 14, 2024

CVE-2024-52302

Spring Boot

Published: November 14, 2024

CVE-2024-52524

Published: November 14, 2024

CVE-2024-10394

Published: November 14, 2024

CVE-2024-10396

Published: November 14, 2024

CVE-2024-10397

Published: November 14, 2024

» Click here to see all Vulnerabilities «