Security researchers have uncovered critical security flaws within ChatGPT plugins. By exploiting these flaws, attackers could seize control of an organization’s account on third-party platforms and access sensitive user data, including Personal Identifiable Information (PII). “The vulnerabilities found in these ChatGPT plugins are raising alarms due to the heightened risk of proprietary information being stolen […]
Experts released PoC exploit for critical Progress Software OpenEdge bug Pierluigi Paganini March 11, 2024 Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. Researchers from Horizon3.ai have published technical details and a proof-of-concept (PoC) exploit for the critical security flaw CVE-2024-1403 in […]
Dive Brief: More than 2 in 5 ransomware attacks reported to the FBI in 2023 targeted organizations in a critical infrastructure sector, the agency said Thursday in its annual Internet Crime Report. Of the 2,825 ransomware attacks reported to the FBI last year, 1,193 hit critical infrastructure organizations. The proportion of ransomware attacks hitting critical […]
Hackers are exploiting a critical authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, leading to the creation of hundreds of unauthorized users on unpatched instances.
VMware urgent updates addressed Critical ESXi Sandbox Escape bugs Pierluigi Paganini March 05, 2024 VMware released urgent patches to address critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion and Cloud Foundation products Virtualization giant VMware released urgent updates to fix critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion, and Cloud Foundation […]
VMware urgent updates addressed Critical ESXi Sandbox Escape bugs Pierluigi Paganini March 05, 2024 VMware released urgent patches to address critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion and Cloud Foundation products Virtualization giant VMware released urgent updates to fix critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion, and Cloud Foundation […]
The JetBrains TeamCity On-Premises CI/CD solution has been found to have two critical vulnerabilities (CVE-2024-27198 and CVE-2024-27199) that can allow remote attackers to take control of the server and modify system settings without authentication.
The Black Basta and Bl00dy ransomware gangs are exploiting a critical authentication bypass vulnerability (CVE-2024-1709) in unpatched ScreenConnect servers to gain admin access and deploy ransomware.
Feb 27, 2024NewsroomWebsite Security / Cryptojacking A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and […]