Hackers exploit Autodesk Drive to host weaponized PDF files
Autodesk Drive serves as a cloud-based data-sharing platform for organizations, facilitating document and file sharing. It accommodates various file formats, including 2D and 3D data files such as PDFs, accessible [...]
GuptiMiner Exploits eScan to Distribute Miners and Backdoors
Avast researchers recently uncovered GuptiMiner, an aged malware. It leverages the eScan antivirus update system to surreptitiously implant backdoors and cryptocurrency mining software into users’ computers and extensive corporate networks. [...]
Urgent: GitLab Flaw Allows Account Takeover – Act Now
GitLab has issued security patches (16.11.1, 16.10.4, and 16.9.6) for both Community and Enterprise Editions, emphasizing the importance of upgrading to these versions to mitigate vulnerabilities. Scheduled bi-monthly patch releases [...]
CrushFTP Zero-Day Enables Attackers to Gain Complete Server Access
CrushFTP disclosed a zero-day vulnerability (CVE-2024-4040) affecting versions below 10.7.1 and 11.1.0, allowing remote attackers with low privileges to bypass the VFS sandbox and read arbitrary files on the underlying [...]
OpenMetadata Vulnerabilities to Target Kubernetes
The OpenMetadata platform has critical vulnerabilities reported by Microsoft Security Blog, enabling attackers to exploit Kubernetes workloads for crypto mining. Five vulnerabilities facilitate bypassing authentication and executing Remote Code Execution. [...]
FHN 
