Vulnerability – TheCyberThrone

CISSP Domain 1 : Threat vs Vulnerability vs Risk – Confused Trio

One of the most common reasons CISSP candidates lose marks is not lack of preparation, but mixing up three fundamental concepts: Threat Vulnerability Risk These terms are often used together,…

PravinKarthik February 16, 2026

WordPress Plug-in Vulnerability affects 1 lakh sites

The Wordfence Threat Intelligence team has discovered a vulnerability in pouluar plugin Download Manager, installed on over 100,000 sites. Download Manager, designed to allow site content creators to share downloadable…

PravinKarthik August 6, 2022

9 lakh Kubernetes Clusters Exposed

Researchers have uncovered more than 900,000 exposed Kubernetes clusters that are vulnerable and could inducted for malicious scans or data theft. The exposed clusters were found by the researchers as part…

PravinKarthik June 29, 2022

Security

Microsoft Defender for Endpoint Spoofing

Microsoft has flagged a spoofing vulnerability found in Microsoft Defender for Endpoint that allows attackers to spoof information between clients and the service. The vulnerability, CVE-2022-23278, impacts all of the…

PravinKarthik March 9, 2022

CISA Adds 95 Vulnerabilities to Known Exploited Catalog

The U.S. CISA has added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies must address…

PravinKarthik March 5, 2022

Red Cross Attack Attributes to Unpatched Zoho Vulnerability

The Red Cross committee has revealed that the attack that breached its network in January was conducted by a nation-state actor that exploited a Zoho vulnerability. An attack on a…

PravinKarthik February 17, 2022

CISA Adds 8 another Vulnerability to Know Exploited Catalog

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of…

PravinKarthik January 29, 2022

Linux Vulnerability Provides Root Access to Attackers

A newly discovered 12-year-old vulnerability dubbed “PwnKit in a Linux system tool Polkit can give attackers root privileges on machines running the operating system. Polkit, previously known as PolicyKit, is…

PravinKarthik January 27, 2022