PravinKarthik

VMware patches vulnerabilities in VCenter Server

VMware released security updates to five memory corruption vulnerabilities in the vCenter server that could lead to remote code execution The memory corruption vulnerabilities reside in the software’s implementation of…

PravinKarthik June 24, 2023

OpenSSH Trojanized Campaign

Researchers have discovered a sophisticated attack campaign that exploits custom and open-source tools to target Linux-based systems and IoT devices. The attack campaign involves a C2 that uses a subdomain…

PravinKarthik June 24, 2023

Fortinet addressed Critical FortiNAC Vulnerability

Fortinet addressed a critical RCE vulnerability, tracked as CVE-2023-33299, affecting FortiNAC solution. FortiNAC solution used by organizations to secure and control access to networks by enforcing security policies, monitoring devices,…

PravinKarthik June 23, 2023

PoC for Cisco Any Connect Vulnerability Released

A PoC exploit code was released by a researcher for the high-severity vulnerability , tracked as CVE-2023-20178, impacting Cisco AnyConnect Secure Mobility Client and Secure Client for Windows. This vulnerability…

PravinKarthik June 23, 2023

VMware Aria Patched Vulnerability Exploited in Wild

VMware has confirmed a recently patched critical command injection vulnerability affecting its Aria Operations for Networks tool is being exploited in the wild. A PoC of an exploitation was published…

PravinKarthik June 23, 2023

Malware Dropper Based on A JavaScript

Researchers have provided details of a new strain of JavaScript-based dropper that delivers two forms of malware onto victims’ systems. Dubbed as PindOS after a user-agent string of the same…

PravinKarthik June 23, 2023

Apple Patches Active Exploited Zeroday Vulnerabilities

Apple patched zero-click kernel vulnerabilities in its OS underpinning its iPhones, iPads, watches and macOS computers. The bugs are tied to two WebKit vulnerabilities used in impacted devices. One is…

PravinKarthik June 22, 2023

Gen Digital latest victim of MOVEit Vulnerability

Gen Digital, the parent company of cybersecurity subsidiaries such as Avast and Norton, confirmed on June 20 that the personal information of its employees was compromised in yet another MOVEit…

PravinKarthik June 22, 2023