Hackers Exploit WordPress Plugin File Upload Flaw
Hackers are exploiting a critical vulnerability (CVE-2024-6220) in the WordPress plugin 简数采集器 (Keydatas) that allows unauthenticated users to upload arbitrary files, risking remote code execution and full site takeover. On [...]
Microsoft Patches Critical Edge Flaw Enabling Code Execution
Microsoft has patched critical vulnerabilities in Edge. Users should update to the latest version to ensure security. Asec Ahnlab identified these flaws in Edge versions 127.0.6533.88 and 127.0.6533.89. All about [...]
Hackers Exploiting GeoServer RCE Flaw, 6,635 Servers at Risk
A critical flaw in GeoServer, an open-source Java software, exposes thousands of servers to risk. The vulnerability, CVE-2024-36401, allows unauthenticated remote code execution, threatening global geospatial data infrastructures. A recent [...]
Phishing Campaign Exploited Proofpoint for Email Spoofing
Guardio Labs recently identified "EchoSpoofing," a critical vulnerability in Proofpoint's email protection service used by 87% of Fortune 100 companies. This flaw allows hackers to exploit phishing emails, tricking recipients [...]
New Specula Tool Turns Outlook into a C2 Server via Registry Exploit
Cybersecurity firm TrustedSec has introduced a new tool named Specula, which leverages a longstanding vulnerability in Microsoft Outlook to turn it into a Command and Control (C2) server. This discovery [...]
FHN 
