A Critical Remote Code Execution Vulnerability Affecting WordPress Sites
Vulnerabilities and Exploitation Attempts
Four Critical RCE Flaws Affecting Atlassian Products
Atlassian has addressed?four critical remote code execution (RCE) vulnerabilities: CVE-2023-22522, CVE-2023-22523, CVE-2023-22524, and CVE-2022-1471 - all of which impact Confluence, Jira, and Bitbucket servers, along with a companion app for macOS.
A Critical Remote Code Execution Vulnerability Affecting WordPress Sites
WordPress released an updated version addressing a Remote Code Execution (RCE) vulnerability in WordPress sites, which when combined with another PHP object injection vulnerability, can be exploited to execute arbitrary PHP functions.
Malware Developments
AsyncRAT is Now Distributed via WSF Script in a Fileless Attack
?Security researchers discovered a new AsyncRAT campaign targeting users through sophisticated fileless attack methods. The campaign is designed for information exfiltration and backdoor access, while avoiding traditional file-based detection mechanisms.
Gain deeper CTI insights!
CyberProof’s CTI service offers comprehensive threat intelligence coverage, ensuring that your organization stays ahead of active threats that pose the greatest risk to your assets.
Our advanced CTI team investigates the threat landscape, providing you with detailed reports, related Indicators of Compromise (IOCs), technical recommendations, and MITRE ATT&CK mapping.