Alireza Gharib Blog

CERT-In Alerts WordPress Users to Critical WPForms Plugin Vulnerability As the world welcomed the New Year, cybersecurity experts had little reason to celebrate. On January 1, 2025, the Indian Computer Emergency Response Team (CERT-In) issued a high-severity alert about a … Read more Published Date: Jan 02, 2025 (2 hours, 56 minutes ago) Vulnerabilities has been mentioned…

Critical PAN-OS Vulnerability Added to CISA’s Exploited List: What You Need to Know The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding a newly discovered vulnerability in Palo Alto Networks’ PAN-OS vers … Read more Published Date: Jan 02, 2025 (4 hours, 1 minute ago) Vulnerabilities has been mentioned…

PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49112 in Windows SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical vulnerability, tracked as CVE-2024-49112 … Read more Published Date: Jan 02, 2025 (8 hours, 26 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-12108 CVE-2024-49112

CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software Progress Software Corporation, a global provider of products to develop, deploy, and manage high-impact business applications, has issued a critical security bulletin for its WhatsUp Gold network moni … Read more Published Date: Jan 02, 2025 (8 hours, 34 minutes ago) Vulnerabilities…

From Fake Installers to Stolen Credentials: Decoding the LegionLoader Threat TRAC Labs has released an in-depth report on LegionLoader, a sophisticated downloader malware that has evolved significantly since its initial appearance in 2019. The malware, also tracked as Satacom, … Read more Published Date: Jan 02, 2025 (8 hours, 35 minutes ago) Vulnerabilities has been mentioned in…

D-Link Issues Warning on End-of-Life Routers Vulnerable to Botnet Exploits D-Link has issued a critical advisory urging users to retire and replace several legacy router models, including the DIR-645, DIR-806, GO-RT-AC750, and DIR-845, citing their End-of-Life (EOL) and End- … Read more Published Date: Jan 02, 2025 (8 hours, 48 minutes ago) Vulnerabilities has been mentioned in…

CVE-2024-12987 affecting DrayTek Routers CVE-2024-12987 is a critical security vulnerability identified in the DrayTek Vigor2960 and Vigor300B routers, specifically affecting firmware version 1.5.1.4. This vulnerability resides within the We … Read more Published Date: Jan 01, 2025 (1 day ago) Vulnerabilities has been mentioned in this article. CVE-2024-12987

CVE-2024-21182: PoC Exploit Code Published for Severe WebLogic Flaw A security researcher published a proof-of-concept (PoC) exploit for CVE-2024-21182, a critical vulnerability in Oracle WebLogic Server. Rated at CVSS 7.5, this flaw exposes affected systems to potent … Read more Published Date: Jan 01, 2025 (1 day, 9 hours ago) Vulnerabilities has been mentioned in this article.…

Is Your Network at Risk? New Report Highlights Network File System Vulnerabilities HvS-Consulting GmbH has released an insightful report shedding light on the often-overlooked vulnerabilities of the Network File System (NFS) protocol. Widely used across platforms for remote file acc … Read more Published Date: Jan 01, 2025 (1 day, 9 hours ago) Vulnerabilities has been mentioned…

China’s cyber intrusions took a sinister turn in 2024 The Chinese government’s intrusions into America’s telecommunications and other critical infrastructure networks this year appears to signal a shift from cyberspying as usual to prepping for destructi … Read more Published Date: Dec 31, 2024 (1 day, 22 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-39717…