Paragon Solutions Spyware: Graphite
Paragon Solutions is yet another Israeli spyware company. Their product is called “Graphite,” and is a lot like NSO Group’s Pegasus. And Paragon is working...
USN-6146-1: Netatalk vulnerabilities
It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this...
Interpol: Human Trafficking is Fueling Fraud Epidemic
Policing organization issues Orange Notice to members Read More
Lazarus Group Blamed for Atomic Wallet Heist
Notorious North Korean group pegged for recent campaign Read More
Cyber Extortionists Seek Out Fresh Victims in LatAm and Asia
Ukraine war may have been catalyst for targeting non-NATO countries Read More
ZDI-23-837: NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability
This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability....
ZDI-23-838: NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. Read More
ZDI-23-839: NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-840: VMware Aria Operations for Networks createSupportBundle Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Aria Operations for Networks. Authentication is not required to exploit this...
ZDI-23-841: VMware Aria Operations for Networks getNotifiedEvents Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Aria Operations for Networks. Authentication is required to exploit this vulnerability....