Get in Touch
Please get in touch using the form below.
Menu
Stay tuned to vulnerabilities and advisories from around the globe.
Home / Threat Intelligence bulletins
Published: 8th March 2024 | In: Threat Intelligence & Guidance
Two security flaws, tracked as CVE-2024-1708 and CVE-2024-1709 released by ScreenConnect (ConnectWise), have been actively targeted by the North Korean nation state-sponsored group, tracked as Emerald Sleet (also known as Kimsuky).
Learn more
Published: 6th March 2024 | In: Threat Intelligence & Guidance
Apple remediates two iOS zero-days exploited in iPhone attacks.
VMware has released security patches to remediate four security flaws impacting ESXi, Workstation and Fusion.
A new zero-click worm malware variant, tracked as "Morris II", has been discovered that leverages prompt engineering and injection techniques to target generative artificial intelligence (GenAI) applications, resulting in the spread of malware.
Published: 4th March 2024 | In: Threat Intelligence & Guidance
On 19th February 2024, ConnectWise disclosed two critical vulnerabilities within ScreenConnect versions 23.9.7 and prior. Tracked as CVE-2024-1708 (CVSSv3 Base Score 8.4), and CVE-2024-1709 (CVSSv3 Base Score 10.0) respectively, these vulnerabilities are being actively exploited by notable threat actors, including BlackBasta ransomware operators and Bl00dy ransomware gangs.
Two authentication bypass vulnerabilities (tracked as CVE-2023-52160 and CVE-2023-52161) have been detected within open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that has the potential to lure users into joining a malicious clone of a legitimate network or allow a threat actor to join a trusted network without requiring a password.