Application Security – TheCyberThrone

WordPress Simple Membership Plugin Vulnerabilities

Researchers have identified two new vulnerabilities in the popular Simple Membership plugin for WordPress, affecting versions 4.3.4 and below, have been identified, leading to potential privilege escalation issues. With over…

PravinKarthik September 28, 2023

Ivanti Patches another high severity vulnerability

One another high severity vulnerability has been disclosed by Ivanti impacting Endpoint Manager Mobile (EPMM), which has been weaponized as part of an exploit chain by malicious actors in the…

PravinKarthik July 30, 2023

IDOR Vulnerability Warning

Security agencies from U.S. and the Australian government is warning that common and easily exploitable security vulnerabilities in websites and web apps can be abused to carry out large-scale data…

PravinKarthik July 29, 2023

Checkmarx Collaborates with Bringa

Checkmarx has announced a new strategic partnership with Bringa to help organizations develop top-tier application security programs suitable for the evolving threat landscape. To address the increasing security risk of…

PravinKarthik June 21, 2023

WhatsApp New Security Features

WhatsApp set to roll out new security features in the near term to provide users with increased privacy and control over their messages and to help prevent unauthorized account access…

PravinKarthik April 14, 2023

Log4j – First Year Anniversary ! Lesson Learned -Importance of Software Supply Chain Risk

The first anniversary of Log4j is about to come later in this week, this is a good time to revisit the importance of analyzing supply chain security, as well as…

PravinKarthik December 5, 2022

API Keys and User data leaked by faulty Apps

Security researchers have uncovered more than 1,500 apps leaking the Algolia API key and application ID, potentially exposing user data. 32 applications were found to have critical administrative secrets hardcoded,…

PravinKarthik November 22, 2022

ConnectWise Patches a Critical RCE

ConnectWise has patched a critical RCE flaw impacting Recover and R1Soft Server Backup Manager. The vulnerability is an Improper Neutralization of Special Elements in Output Used by a Downstream Component.…

PravinKarthik November 1, 2022