Vulnerability News

Two vulnerabilities in Rockwell Automation PanelView Plus have been discovered. Unauthenticated attackers could exploit them remotely to perform remote code execution (RCE) and denial-of-service attacks.  Rockwell Automation, Inc. is an American provider of industrial automation and digital transformation technology. Among the brands are FactoryTalk, Allen-Bradley, and LifecycleIQ Services. PanelView Plus devices are utilized in the The post Multiple Flaws In Rockwell Automation Panel Let Attackers Execute Remote Code appeared first on Cyber Security News.

Hackers are actively exploiting a remote code execution vulnerability in the HTTP File Server (HFS) program. The vulnerability, identified as CVE-2024-23692, was disclosed in May 2024 and has since been leveraged by attackers to install malware and take control of vulnerable systems. HFS, a popular file-sharing program, is now at the center of a significant The post Hackers Exploiting HTTP File Server Remote Code Execution Vulnerability in Wild appeared first on Cyber Security News.

Splunk is a software platform designed to search, analyze, and visualize machine-generated data from various sources, including websites, applications, sensors, and devices. In 2024, Splunk was acquired by Cisco, which aims to leverage Splunk’s capabilities to enhance digital resilience across its customer base. Splunk has released security updates to address multiple critical vulnerabilities in Splunk The post Multiple Flaws in Splunk Enterprise Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

Multiple vulnerabilities in the CocoaPods dependency manager have been identified, posing a significant risk of supply chain attacks. The flaw enables any malicious actor to take control of thousands of unclaimed pods and inject malicious code into numerous well-known Mac and iOS apps. An attack on the mobile app ecosystem may infect almost all Apple The post CocoaPods Vulnerability Exposes iOS & macOS Apps To Supply Chain Attacks appeared first on Cyber Security News.

Researchers from the University of California have unveiled a novel high-precision Branch Target Injection (BTI) attack, dubbed “Indirector,” that exploits vulnerabilities in the Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) of high-end Intel CPUs, specifically the Raptor Lake and Alder Lake generations. Security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen named The post Intel CPU Vulnerability: Indirector Injection Attack Leads to Sensitive Data Leak appeared first on Cyber Security News.

A critical vulnerability in the Command Line Interface (CLI) of Cisco NX-OS Software is currently under active exploitation, allowing attackers to execute arbitrary commands as root on affected devices. This zero-day flaw, identified as CVE-2024-20399, poses a significant threat to network security, particularly for organizations utilizing Cisco’s Nexus and MDS series switches. The vulnerability arises The post Cisco NX-OS Zero-Day Command Injection Flaw Under Active Attack appeared first on Cyber Security News.

Several new vulnerabilities have been discovered in Toshiba e-STUDIO Multi-Function Printers (MFPs) that are used by businesses and organizations worldwide. These vulnerabilities affect 103 different models of Toshiba Multi-Function Printers.  Vulnerabilities identified include Remote Code execution, XML External Entity Injection (XXE), Privilege Escalation, Authentication credential leak, DOM-based XSS, Insecure Permissions, TOCTOU (Time-Of-Check to Time-Of-Use) conditions, The post Toshiba Multi-Function Printers Impacted by 40+ Vulnerabilities appeared first on Cyber Security News.

A critical use-after-free vulnerability has been discovered in the Linux kernel’s netfilter subsystem. This vulnerability could potentially allow local, unprivileged users with CAP_NET_ADMIN capability to escalate their privileges. The flaw, identified in the upstream commit 5f68718b34a5 (“netfilter: nf_tables: GC transaction API to avoid race with control plane”), can cause a use-after-free issue on an NFT_CHAIN The post PoC Exploit Published for Linux Kernel Privilege Escalation Flaw appeared first on Cyber Security News.

Cybersecurity researchers uncovered a sophisticated attack campaign by the Water Sigbin (aka 8220 Gang) threat actor that exploited vulnerabilities in the Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839, to deploy the XMRig cryptocurrency miner on compromised systems. The attack begins with the threat actor exploiting the WebLogic vulnerabilities to execute a malicious PowerShell script on The post Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities appeared first on Cyber Security News.

Hackers target and abuse npm packages to inject malicious code into widely used software libraries, reaching many developers and applications. Sonatype security researchers recently identified more than 250 npm packages that mimic popular AWS, Microsoft, and other open-source projects. A Russian hacker who alleges to be a bug bounty hunter is responsible for creating these The post Hackers Created 250 npm Packages, Mimicking Popular AWS And Microsoft Projects appeared first on Cyber Security News.