The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three ...
Continue Reading
December 15, 2023
Telegram Nearby Map uses OpenStreetMap and the official Telegram library to find the position of nearby users. Please note: Telegram's API was updated a while ago to make nearby user distances le ...
Continue Reading
December 15, 2023
Cube is a semantic layer for building data applications. Prior to version 0.34.34, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoi ...
Continue Reading
December 15, 2023
Hono is a web framework written in TypeScript. Prior to version 3.11.7, clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a r ...
Continue Reading
December 15, 2023
Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how t ...
Continue Reading
December 15, 2023
Summary IBM MQ has resolved a denial of service vulnerability. Vulnerability Details CVEID: CVE-2023-5072 DESCRIPTION: JSON-java is vulnerable to a denial of service, caused by a bug in the parser. By ...
Continue Reading
December 15, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential i ...
Continue Reading
December 15, 2023
Impact It is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. Patches The issue has been patched in the v0.34.34 and it's recomme ...
Continue Reading
December 15, 2023
Back to Main
