May 2024 – TheCyberThrone

Progress Telerik fixes CVE-2024-4358

A critical vulnerability has been discovered in Progress Telerik Report Server, a popular report management solution used by organizations worldwide. This vulnerability tracked as CVE-2024-4358, with a CVSS score of…

PravinKarthik May 31, 2024

NGINX releases patches for several Vulnerabilities

NGINX team has released patches for their popular web server software. These updates address four significant vulnerabilities related to the HTTP/3 implementation, specifically impacting configurations using the “ngx_http_v3_module”. CVE-2024-31079: A…

PravinKarthik May 31, 2024

CISA KEV Catalog Update May 2024 – Part IV

The U.S. CISA added the following vulnerabilities to its Known Exploited Vulnerabilities catalog CVE-2024-24919 Check Point Quantum Security Gateways Information Disclosure Vulnerability CVE-2024-1086 Linux Kernel Use-After-Free Vulnerability The vulnerability CVE-2024-24919 is a Quantum Gateway information…

PravinKarthik May 31, 2024

NIST says NVD Backlog Enrichment soon

The National Institute of Standards and Technology (NIST) said it has awarded a new contract to a third party to help the federal government process software and hardware bugs added…

PravinKarthik May 30, 2024

Checkpoint fixed Zeroday flaw -CVE-2024-24919

Check Point has patched a zero-day vulnerability that has been exploited in the wild. The vulnerability, tracked as CVE-2024-24919, enables an attacker to “read certain information” on Check Point Network…

PravinKarthik May 30, 2024

ShrinkLocker Ransomware Dissection

Researchers from Kaspersky have uncovered a new ransomware strain named ShrinkLocker, exploiting Microsoft’s built-in BitLocker encryption tool. The ransomware, which has already targeted industrial, pharmaceutical, and government organizations, utilizes a…

PravinKarthik May 29, 2024

PoC Exploit released for Fortinet Flaw -CVE-2024-23108

Security researchers at Horizon3’s Attack Team released a proof-of-concept exploit for a remote code execution issue, tracked as CVE-2024-23108, in Fortinet’s SIEM solution. The PoC exploit allows executing commands as…

PravinKarthik May 29, 2024

CatDDoS Exploitation Activity Surges

Researchers at XLab recently discovered that CatDDoS has been actively exploiting over 80 vulnerabilities and attacking more than 300 targets in last 3 months timeline. The use of Cacti-n0day and…

PravinKarthik May 28, 2024