Apache Kafka Vulnerability Enables Privilege Escalation
A new vulnerability, CVE-2024-31141, was found in Apache Kafka Clients, allowing attackers to escalate privileges and gain unauthorized file access. Rated as Moderate, it affects several versions and is a [...]
Citrix Virtual Apps & Desktops Zero-Day Actively Exploited
A critical unpatched vulnerability has been found in Citrix Virtual Apps and Desktops, now being actively exploited. The flaw, revealed by Watchtowr Labs, poses a significant risk, especially in remote [...]
Zohocorp ADAudit Plus SQL Injection Vulnerability
Zoho released a security update for a critical SQL injection flaw in ADAudit Plus (CVE-2024-49574), fixed in version 8123 on November 8, 2024. The SQL injection vulnerability was found in [...]
CISA Warns of Exploited Palo Alto Networks Vulnerabilities
CISA issued an urgent alert for two Palo Alto Networks vulnerabilities, CVE-2024-9463 and CVE-2024-9465, which are actively being exploited by cybercriminals. These vulnerabilities pose serious risks, especially to federal systems. [...]
Chinese SilkSpecter hackers targeting Black Friday shoppers
Chinese hacker group SilkSpecter launched a phishing campaign targeting Black Friday shoppers in Europe and the USA, using Stripe to steal card data while allowing legitimate transactions. SilkSpecter's Phishing Campaign [...]
FHN 
