TheCyberThrone

Exploit Code for Apache Struts CVE-2024-53677 released

The proof-of-concept (PoC) exploit code for the critical Apache Struts vulnerability, designated as CVE-2024-53677, has been released. This vulnerability poses a severe risk to systems running Apache Struts versions 2.0.0…

PravinKarthik December 18, 2024

ConnectOnCall databreach affects 9M individuals

ConnectOnCall, a subsidiary of the healthcare software-as-a-service firm Phreesia, experienced a significant data breach that exposed the protected health information (PHI) of 914,138 individuals. This incident occurred between February and…

PravinKarthik December 18, 2024

Irish DPC fines Meta £251M over a Databreach in 2018

The Data Protection Commission (DPC) of Ireland has imposed a substantial fine of €251 million (approximately $263 million) on Meta following a significant data breach that occurred in 2018. This…

PravinKarthik December 18, 2024

Detailing Critical Microsoft CVE-2024-49112 Vulnerability

Microsoft has recently disclosed a critical Remote Code Execution (RCE) vulnerability in its Lightweight Directory Access Protocol (LDAP) service, identified as CVE-2024-49112 Released as part of the December Patch Tuesday…

PravinKarthik December 17, 2024

Rhode Island was affected by a widespread cyber incident

The State of Rhode Island has recently confirmed that its social services portal, the RIBridges system, has been subjected to a major security threat. This system, managed by the Rhode…

PravinKarthik December 17, 2024

Clop ransomware exploits Cleo Vulnerability in its attacks

The Clop ransomware gang has recently claimed responsibility for a series of sophisticated data theft attacks targeting Cleo, a prominent provider of managed file transfer software. These attacks exploited zero-day…

PravinKarthik December 17, 2024

CISA KEV Catalog Update Part IV – December 2024

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20767 The vulnerability withca CVSS score of 8.2. This vulnerability arises from improper…

PravinKarthik December 17, 2024

Dell fixes CVE-2024-37143 and CVE-2024-38144 vulnerabilities

Dell has recently released security updates to address multiple vulnerabilities affecting several of its enterprise products, including PowerFlex, InsightIQ, and Data Lakehouse. The vulnerabilities, identified as CVE-2024-37143 with a CVSS…

PravinKarthik December 16, 2024