Free Access

Category: Vulnerability

Peek into Monthly Vulnerabilities October 2024

Summary of key cybersecurity vulnerabilities for October 2024 with insights on risk mitigation.

Blog In October 2024, we were aware of a series of high-risk Common Vulnerabilities and Exposures (CVEs) for organizations and users. Such vulnerabilities, when taken advantage of, can allow attackers to gain root access and execute data breach, service disruption and other attacks. In this blog, we’ll dive into the top 10 CVEs for October […]

Amnesia Stealer

This image is about Amnesia Stealer.

Blog In the current digital environment, cybercriminals are always updating their strategies, using fresh technologies to get around security measures and access systems. The Amnesia Stealer, a sophisticated and dangerous piece of malware, has recently been added to their arsenal, garnering global attention from security experts.   What does Amnesia Stealer entail?   Discovered in […]

Peek into Monthly Vulnerabilities: September 2024

This image is about monthly vulnerabilities for September 2024.

Blog The month of September 2024 is exceptional for the many high-severity flaws that may hurt organizations and individual users. Several key Common Vulnerabilities and Exposures (CVEs) were published during this month, which could potentially grant attackers easy access to target systems. As we delve into these flaws, it is evident to notice that more […]

Peek into Monthly Vulnerabilities: August 2024

This image is about monthly vulnerabilities for August 2024.

Blog August 2024 again saw an uptick in the number of vulnerability disclosures, with several commonly exploited Common Vulnerabilities and Exposures (CVEs) across several platforms. Risk levels may be high, particularly on an enterprise scale, but the number of exploits seen this month demonstrates that there are active attempts to prevent them. This was another […]

Peek into Monthly Vulnerabilities: July 2024

This image is about monthly vulnerabilities for July 2024.

Blog July 2024 is not a normal reporting month as 22,254 Common Vulnerabilities and Exposures (CVEs) were reported in the middle of it, but only %0.91 had been weaponized. There were 79,000 new vulnerabilities reported in the first six months of 2024, which isn’t the actual number, but even if it is, it’s a staggering %12 of last […]

Peek into Monthly Vulnerabilities: June 2024

This image is about monthly vulnerabilities for June 2024.

Blog As more and more vulnerabilities and security flaws have surfaced throughout the rapidly changing cyber landscape, the need to keep an eye on our cybersecurity has become more keenly felt than ever before. The patching requirements of good cyber hygiene mandate that your chain is in good working order. To be effective, every security […]

Polyfill.io Supply Chain Attack: How Over 100,000 Websites Were Compromised and What You Need to Know

Learn how the Polyfill.io supply chain attack impacted over 100,000 websites and what steps you can take to secure your site.

Blog The Polyfill.io Scandal: What Happened? A highly used open-source JavaScript library, Polyfill.io helps to enable older browsers to implement modern web functionalities. This highly trusted service has recently been compromised, leading to massive supply chain attacks affecting over 100,000 websites. The rogue changed from reoriented users to scam and malicious sites. Researchers did issue […]

Peek into Monthly Vulnerabilities: May 2024

This image is about monthly vulnerabilities for May 2024.

Blog In May 2024, one of the largest number of vulnerabilities and security wrongdoings in this ever-changing cyber world were discovered. These vulnerabilities indicate that we must remain vigilant about our approach to cybersecurity. The online security landscape requires regular security patches to be in top form. Maintaining good cyber hygiene is crucial. That means […]

What is the OpenSSL Version Vulnerability?

This image is about the OpenSSL version vulnerability.

Blog On October 25, the OpenSSL team has announced that a security patch for a critical vulnerability in OpenSSL version 3.x was being prepared. In addition to that the forthcoming patch will be released on Tuesday, November 1, 2022, between 1300 and 1700 UTC. This security announcement aroused a curiosity in the community as It […]

SQL Injection Failure and Flaws That Allow Remote Attackers to Execute Code Remotely Have Been Patched by Vmware

This image is about VMware patching SQL injection vulnerabilities.

Blog The proof-of-concept exploit code is publicly available for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain administrative privileges. VMware has previously released updates to the vulnerability (CVE-2022-31656, CVSS: N/A) affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation. A high severity SQL injection flaw (CVE-2022-31659, CVSS: N/A) […]

Stay informed with the latest updates, expert insights, and in-depth analysis from ThreatMon’s cybersecurity intelligence. Subscribe to receive critical news, threat reports, and industry trends directly in your inbox, helping you stay ahead of emerging cyber threats.

Platform

Subscriptions

Solutions

Resources

Partner

Company

© 2024 ThreatMon. All rights reserved.
X-twitter Linkedin-in Github