April 2024 – Page 4 – TheCyberThrone

Spring Framework High Severity Vulnerability – CVE-2024-22262

Security researchers have discovered high-severity vulnerability tracked as CVE-2024-22262 in the widely-used Spring Framework software could leave countless applications vulnerable to redirect and server-side request forgery (SSRF) attacks, researchers warn.…

PravinKarthik April 15, 2024

Roku suffers a data breach again

Roku customers have been affected by a second data breach. The streaming brand disclosed a breach affecting 576,000 user accounts, which follows another recently unearthed incident involving 15,000 accounts. In…

PravinKarthik April 14, 2024

PaloAlto PAN-OS Critical Command Injection vulnerability -CVE-2024-3400

Security researchers have unearthed a critical flaw in Palo Alto Networks’ PAN-OS, specifically targeting the GlobalProtect feature. The vulnerability is designated as CVE-2024-3400, with a CVSS score of 10 potentially…

PravinKarthik April 13, 2024

U.S. CISA Warning on Sisense breach

The U.S. CISA had urged the customers to reset the login credentials in response to a recent data breach at Sisense, a provider of data analytics services. Sisense’s AI and…

PravinKarthik April 12, 2024

Apple warns on Mercenary spyware attacks

As per the Reuters report, Apple is alerting iPhone users in 92 countries about mercenary spyware attacks. According to a threat notification email sent to targeted users, Apple detected attempts…

PravinKarthik April 11, 2024

Fortinet Patches several Vulnerabilities Affecting its Products

Fortinet has released a security advisory and patches addressing several critical and high-severity vulnerabilities in their popular security products. These vulnerabilities could expose organizations to remote code execution, unauthorized file…

PravinKarthik April 10, 2024

Microsoft Patch Tuesday – April 2024

Microsoft patched 149 CVEs in its April 2024 Patch Tuesday release, with three rated critical, 142 rated as important, and two rated as moderate. 2 of the Zeroday vulnerabilities are…

PravinKarthik April 10, 2024

Change Healthcare again Victimized

Change Healthcare, a subsidiary of UnitedHealth Group, has been facing renewed extortion from cybercriminals just a month after paying a ransom to prevent the release of data stolen in a…

PravinKarthik April 9, 2024