XE Hacker Group Targets VeraCore Zero-Day Vulnerability for Web Shells Introduction In today’s evolving cybersecurity landscape, the exploitation of vulnerabilities is a persistent threat to organizations around the world. The recent activities of the XE hacker group highlight this alarming trend, as they have successfully targeted a zero-day vulnerability in the popular software platform VeraCore.
Loading
All posts tagged in incident response
Palo Alto Networks Fixes Critical Authentication Bypass in PAN-OS Palo Alto Networks, a leader in cybersecurity solutions, has recently addressed a significant vulnerability in its PAN-OS, the software that powers its suite of next-generation firewalls and secure networking appliances. This critical authentication bypass exploit poses a severe threat to organizations using the affected products, prompting
77
CISA Identifies Critical Palo Alto and SonicWall Vulnerabilities The Cybersecurity and Infrastructure Security Agency (CISA) has recently included vulnerabilities from Palo Alto Networks and SonicWall on its list of actively exploited vulnerabilities, raising alarms in the cybersecurity community. These threats, if left unaddressed, could lead to significant compromises in network security. As cybersecurity continues to
70
Cisco Alerts on Salt Typhoon Exploiting CVE-2018-0171 in Telecoms Introduction In a recent advisory, Cisco has confirmed that the threat actor group known as Salt Typhoon is actively exploiting CVE-2018-0171 to target U.S. telecom networks. This revelation highlights the importance of timely patching and threat awareness—especially within the telecom sector, which plays a critical role
86
CISA Alerts on Active Attacks Exploiting Craft CMS Vulnerability In the fast-evolving landscape of cybersecurity, vulnerabilities can pose significant risks to web applications and their users. Recently, the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about an ongoing exploitation of a critical vulnerability in Craft CMS (CVE-2025-23209). This blog post delves into the
119
Major Flaws in Cisco, Hitachi, Microsoft, and Progress Under Attack In a rapidly evolving digital landscape, cybersecurity remains a paramount concern for organizations worldwide. Recently, the Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding significant vulnerabilities found in software products from industry leaders such as Cisco, Hitachi, Microsoft, and Progress. These flaws
90
CISA Adds Five Critical Vulnerabilities to KEV List The Cybersecurity and Infrastructure Security Agency (CISA) has recently expanded its Known Exploited Vulnerabilities (KEV) list to include five critical vulnerabilities affecting Advantive VeraCore and Ivanti Endpoint Manager (EPM). As cyber threats escalate in complexity and frequency, companies must prioritize vulnerability management to guard their digital assets
73
Apache Tomcat RCE Vulnerability Poses Serious Security Risks Apache Tomcat, a widely-used open-source implementation of Java Servlet, JavaServer Pages, and the Java Expression Language, has become a staple for web application developers. However, with its extensive usage comes potential vulnerabilities. Recently, a newly discovered Remote Code Execution (RCE) vulnerability has prompted serious concerns among cybersecurity
69
Coordinated Cyber Attack Targets 400 IPs via SSRF Vulnerabilities Cybersecurity threats continue to evolve, and the recent coordinated cyber attack exploiting multiple Server-Side Request Forgery (SSRF) vulnerabilities has raised alarm bells across the digital landscape. This massive attack affects over 400 IP addresses, showcasing the critical need for businesses and organizations to bolster their security
61
Apache Tomcat Vulnerability Exploited Within Hours of Disclosure In the rapidly evolving landscape of cybersecurity, the recent Apache Tomcat vulnerability serves as a stark reminder of the ever-present threats that organizations face. Within hours of its disclosure, cybercriminals were already taking advantage of the flaw, showcasing the urgency for organizations to prioritize their security protocols
74
