DeepNewz, mobile.
People-sourced. AI-powered. Unbiased News.
The Cybersecurity and Infrastructure Security Agency (CISA) has flagged several critical vulnerabilities in widely used software platforms, including CyberPanel, SailPoint IdentityIQ, ProjectSend, and Zyxel. These vulnerabilities, identified as CVE-2024-51378 and CVE-2024-10905, both with a CVSS score of 10, are under active exploitation. Attackers are leveraging these flaws to bypass authentication, execute arbitrary commands, and potentially expose sensitive data. Ransomware campaigns such as PSAUX and Helldown are reportedly exploiting these vulnerabilities. Additionally, a critical zero-day vulnerability in Windows, affecting all versions from Windows 7 to 11 and Server 2008 R2 onward, has been disclosed. This NTLM security flaw exposes user credentials and currently lacks an official fix, although an unofficial patch has been released by 0patch.
New Windows 7 To 11 Warning As Zero-Day With No Official Fix Strikes https://t.co/BK403iGn6G
By Sayan Sen - All of Microsoft's server and client Windows versions are susceptible to a new NTLM security flaw. An unofficial patch has been released by 0patch. #Windows #NTLM #ZeroDay #Bug https://t.co/ucLblrjyGV
By me @Forbes: A new Windows zero-day, impacting all versions from 7 to 11 and from Server 2008 R2 on, has landed. No official fix available. #kudos @mkolsek for this one. #infosec https://t.co/L7rJ9rM0Ql
