The Digital Security Authority (DSA) wants to bring to your attention, a critical vulnerability (CVE-2024-30103) in Microsoft Outlook that allows attackers to execute malicious code simply by opening an email. This “zero-click” exploit doesn’t require user interaction and poses a serious threat.
The Digital Security Authority (DSA) wants to bring to your attention, a Remote Code Execution (RCE) chain vulnerability in the Progress Telerik Report Server that allows an attacker to bypass authentication controls and execute arbitrary code on the server.
The Digital Security Authority (DSA) wants to bring to your attention that a vulnerability has been identified in Apache OFBiz allows attackers to remotely execute code on vulnerable systems.
The Digital Security Authority (DSA) wants to bring to your attention, a High Severity vulnerability in the WordPress core, specifically within the Avatar block which could allow both authenticated and unauthenticated attackers to execute malicious scripts, potentially leading to full site control.
The Digital Security Authority (DSA) wants to bring to your attention, that IBM released Security updates to address an information disclosure vulnerability in QRadar SIEM.
The Digital Security Authority (DSA) wants to bring to your attention, a critical security vulnerability has been discovered in the xz data compression library, commonly used in Linux distributions.
The Digital Security Authority (DSA) wants to bring to your attention, that DinodasRAT, also known as XDealer, is a multi-platform backdoor actively targeting Linux systems worldwide.
The Digital Security Authority (DSA) wants to bring to your attention, an ongoing campaign targeting organizations with StrelaStealer, a malware program designed to steal email credentials.
The Digital Security Authority (DSA) wants to bring to your attention, a ransomware campaign known as RA World – actively targeting Windows users globally.
The Digital Security Authority (DSA) wants to bring to your attention, a ransomware called Phobos targeting various organizations globally, including critical infrastructure sectors. It encrypts victim files, rendering them inaccessible, and extorts ransom payments for decryption.
Page 1 of 2
