Threat actors exploit vulnerabilities in container orchestration technologies, particularly misconfigured Docker API endpoints, to compromise containers and cloud hosts to deploy a crypto miner.

A critical SQL injection vulnerability has been discovered in The Events Calendar WordPress plugin (CVE-2024-8275), affecting all versions up to 6. 6. 4. The vulnerability has a CVSS score of 9. 8, indicating a high level of severity.

Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. “These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect […]

The identified flaws include a local configuration account vulnerability, remote access via privileged accounts, remote account creation, remote command execution, and SNMP configuration exploitation.

TeamViewer has identified critical vulnerabilities (CVE-2024-7479 and CVE-2024-7481) in its Remote Client and Remote Host products for Windows, putting users at risk with a CVSS score of 8.8.

Models MSG1200, MSG2100E, MSG2200, and MSG2300 running software version 3.90 are affected. Security researcher Johannes B. Ullrich has identified two payloads used in attacks, targeting vulnerable routers.

GitLab has released a security update to fix a critical vulnerability (CVE-2024-45409) in its Community Edition and Enterprise Edition platforms, affecting all self-managed installations

Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That’s what dealing with security alerts can feel like. SIEM was supposed to make this easier, but somewhere along the way, it became part of the problem. Too […]