Critical

Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

Jan 17, 2025 by iHash Leave a Comment

Jan 17, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a variety of networking … [Read more...] about Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Nov 27, 2024 by iHash Leave a Comment

Nov 27, 2024Ravie LakshmananVulnerability / Software Security A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023 , was not officially made … [Read more...] about Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

Nov 26, 2024 by iHash Leave a Comment

Nov 26, 2024Ravie LakshmananVulnerability / Website Security Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, … [Read more...] about Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning

Nov 4, 2024 by iHash Leave a Comment

Nov 04, 2024Ravie LakshmananVulnerability / Cyber Threat Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an attacker to carry out … [Read more...] about Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning

CrowdStrike Earns High Scores in 2024 Gartner Critical Capabilities for Endpoint Protection

Oct 31, 2024 by iHash Leave a Comment

This week, Gartner released its 2024 Gartner® Critical Capabilities Report for Endpoint Protection Platforms (EPP) as a companion to last month’s 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms. We’re proud to share that CrowdStrike received the highest score in both the Core Endpoint Protection and Managed Security Services Use Cases in the 2024 Gartner … [Read more...] about CrowdStrike Earns High Scores in 2024 Gartner Critical Capabilities for Endpoint Protection

Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Oct 8, 2024 by iHash Leave a Comment

Oct 08, 2024Ravie LakshmananZero-Day / Vulnerability Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software services provider … [Read more...] about Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability

Oct 5, 2024 by iHash Leave a Comment

Oct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of … [Read more...] about Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

Sep 6, 2024 by iHash Leave a Comment

Sep 06, 2024Ravie LakshmananNetwork Security / Threat Detection SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper … [Read more...] about SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors

Sep 2, 2024 by iHash Leave a Comment

Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, … [Read more...] about RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54