Security Bulletin

Open-source GPS tracking server Traccar has been impacted with a high-severity path traversal vulnerability, tracked as CVE-2024-24809, and a critical unrestricted file upload flaw, tracked as CVE-2024-31214, which could be leveraged to facilitate...

More than 17,500 vulnerabilities have been reported between January and June, which is 11% higher than the first six months of 2023, over 45% of which were either high or critical severity, according to the Flashpoint Cyber Threat Intelligence Index.

Uber has been ordered by the Dutch Data Protection Authority to pay a $324 million penalty over its alleged insecure transfer of European drivers' personal information to the U.S. for over two years, which was noted to be a significant violation of...

To discover how Cisco is paving the way to unlock the power of AI, join us for our upcoming AI Unveiled customer online seminar series.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38856 Apache OFBiz Incorrect Authorization Vulnerability These types of vulnerabilities are frequent attack...

Versa Networks has released an advisory for a vulnerability ( CVE-2024-39717) in Versa Director, a key component in managing SD-WAN networks, used by some Internet Service Providers (ISPs) and Managed Service Providers (MSPs). A cyber threat actor...

The ShinyHunters attackers are skipping selling stolen data on hacker forums in favor of using deadline-driven ransom notes for financial gain.

It has been a while since I started to track how Python is used in the Windows eco-system[ 1]. Almost every day I find new pieces of malicious Python scripts. The programming language itself is not malicious. There are plenty of...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Hacktivists retaliated against the French government in a series of DDoS attacks.