CVE-2024-44243: macOS SIP Bypass Flaw

CVE-2024-44243: macOS SIP Bypass Flaw

CVE-2024-44243 is a critical vulnerability discovered in macOS that allows attackers to bypass Apple's System Integrity Protection (SIP) by exploiting third-party kernel extensions. This vulnerability has significant implications for the…
CISA adds Fortinet flaw CVE-2024-55591 to KEV Catalog

CISA adds Fortinet flaw CVE-2024-55591 to KEV Catalog

CVE-2024-55591 is a critical vulnerability affecting Fortinet's FortiOS and FortiProxy devices. This vulnerability allows a remote attacker to bypass authentication mechanisms and gain super-admin privileges by sending specially crafted requests…
Microsoft Patch Tuesday- January 2025

Microsoft Patch Tuesday- January 2025

Microsoft released the January 2025 Patch Tuesday updates on January 14, 2025, focusing on addressing critical security vulnerabilities across various Microsoft products. This update cycle includes security patches, improvements, and…
Codefinger Ransomware Dissection

Codefinger Ransomware Dissection

The Codefinger ransomware campaign is a sophisticated and highly targeted attack aimed at users of Amazon Web Services (AWS). Unlike conventional ransomware attacks, Codefinger leverages AWS's own encryption tools to…
CVE-2024-12398 impacts Zyxel Devices

CVE-2024-12398 impacts Zyxel Devices

CVE-2024-12398 is a critical vulnerability discovered in the web management interface of certain Zyxel devices. This vulnerability allows an authenticated user with limited privileges to escalate their privileges to that…
CISA KEV Catalog Update Part III- January 2025

CISA KEV Catalog Update Part III- January 2025

The US CISA has recently included two significant vulnerabilities, CVE-2024-12686 and CVE-2023-48365, in its Known Exploited Vulnerabilities (KEV) Catalog. This catalog is an essential resource for organizations to prioritize and…