April 2024 – TheCyberThrone

Synopsys introduced AI Powered Polaris Assist

Synopsys announced the launch of a new AI-powered application security assistant that provides AI-augmented vulnerability summaries and code fixes. The AI assistant called Polaris Assist and offered as part of…

PravinKarthik April 30, 2024

Palo Alto Bug CVE-2024-3400 Exploited to install XMRig Malware

Palo Alto Network earlier this month has patched a critical vulnerability, CVE-2024-3400, allows attackers to gain remote control of vulnerable firewalls, leading to fears of widespread data breaches and system…

PravinKarthik April 30, 2024

QNAP Releases Patches for Critical Vulnerabilities -CVE-2024-32766 & CVE-2024-32764

QNAP, has issued a security warning with an urgent security advisory to its users concerning multiple severe vulnerabilities across its suite of NAS software products. These flaws, if exploited, could…

PravinKarthik April 29, 2024

Microsoft Defender can be made malfunctioning – CVE-2023-24860 & CVE-2023-36010

Researchers from SafeBreach discovered flaws in Microsoft and Kaspersky security products that can potentially allow the remote deletion of files. Though both the OEM emerged fixing the issue, it could…

PravinKarthik April 28, 2024

Microsoft Office Zeroday Exploited -CVE-2017-8570

Threat actors are seen leveraging an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine. The attack begins with the exploitation of CVE-2017-8570,…

PravinKarthik April 27, 2024

CISA adds CVE-2022-38028 to KEV Catalog

Attacks by Russian threat operation APT28, also known as Fancy Bear, Strontium, and Forest Blizzard, using the GooseEgg malware to exploit the Windows print spooler flaw. The vulnerability tracked as…

PravinKarthik April 27, 2024

GitLab April 2024 Security Advisory – CVE-2024-2434

GitLab has released several security updates to addresses a series of vulnerabilities that could have affect code repositories and development workflows. These flaws range from the potential for complete account…

PravinKarthik April 26, 2024