Moveit Vulnerability Victims list Expands
The number of victims of MOVEit file transfer software continues to grow, and the victims now include several U.S. government agencies. Even though the full list of agencies targeted was…
Barracuda Vulnerability Exploit Attributed to China
Resesrchers attributed the recently discovered hacking campaign targeting Barracuda ESG customers were launched by China-linked hackers. On May 19, Barracuda discovered a hacking campaign targeting customers of its email security…
Chinese Espionage Campaign Targeting ESXi Hosts
Reesearchers have spotted n espionage campaign by Chinese threat actor UNC3886 targeting VMware ESXi hosts and have quietly been exploiting a zero-day authentication bypass flaw in the virtualization technology to…
Romanian Diicot Indulges With New Attack Vector
Researchers has detailed and warned that an emerging Romanian threat actor named Diicot, formerly known as Mexals, is running a new campaign involving previously unreported brute-forcing malware payloads. Diicot, previously…
XSS Flaw in Azure Services
Researchers identified two cloud related vulnerabilities in Azure Bastion and Azure Container Registry, which allowed an attacker to achieve cross-site scripting by using iframe-postMessages [and] allowed unauthorized access to the…
WooCommerce Stripe Payment Gateway
Thousands of online stores are potentially exposed to hacking due to a critical vulnerability in the WooCommerce Stripe Payment Gateway plugin vulnerability tracked as CVE-2023-34000 could lead to unauthorized disclosure…
Google Chrome 114 Stable Channel Released
Google has shipped out new Chrome 114 update that resolves five vulnerabilities, including four critical and one high severity bugs. First is the CVE-2023-3214, a critical use-after-free flaw resides in…
Microsoft Patch Tuesday – June 2023
Microsoft Patched 70 CVEs in its June Patch Tuesday Release, with six rated as critical, 62 rated as important, 1 rated as moderate and 1 rated as low. This month’s…