Advertisement
Chinese Hackers Hijack Auth Flow for Decade-Long Espionage
Chinese state-sponsored hackers maintained long-term access to an isolated network by hijacking the authentication flow, enabling a decade of espionage.
phpBB Authentication Bypass: Admin Login Vulnerability Patched
A decade-old authentication bypass in phpBB forum software, affecting versions up to 3.3.11, allowed attackers to log in as any user, including administrators.
CVE-2024-21319: PeopleSoft Auth Bypass Exploited by ShinyHunters
Oracle PeopleSoft zero-day CVE-2024-21319, an authentication bypass, is being actively exploited by ShinyHunters. Patch PeopleSoft 8.59, 8.60, 8.61 now.
CVE-2024-7109: Burst Statistics WordPress Plugin Auth Bypass Exploited
Hackers are actively exploiting CVE-2024-7109, a critical authentication bypass in Burst Statistics WordPress plugin, to gain admin access. Patch immediately.
Cisco Secure FMC Root Access & DoS Flaws Patched: Update Now
Cisco addresses two maximum-severity vulnerabilities in Secure Firewall Management Center (FMC) allowing unauthenticated root access and denial of service. Immediate
CrushFTP Bruteforce Scans: Protecting Against RCE & Auth Bypass
Ongoing bruteforce scans are targeting CrushFTP servers, likely attempting to exploit past critical vulnerabilities like CVE-2024-4040 (RCE) and CVE-2025-31161 (auth