Severity High Analysis Summary Lazarus APT is one of North Korea’s most sophisticated threat actors, operating since at least 2009. Initially, they concentrated on South Korea. […]

Severity Medium Analysis Summary CVE-2022-1413 CVSS:5.3 GitLab could allow a remote attacker to obtain sensitive information, caused by missing input masking. By sending a specially-crafted request, […]

Severity High Analysis Summary CVE-2022-27588 QNAP QVR could allow a remote attacker to execute arbitrary commands on the system, caused by an unspecified flaw. By sending […]

Severity Medium Analysis Summary CVE-2021-39043 IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to […]

Severity Medium Analysis Summary CVE-2022-22365  IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing […]

Severity High Analysis Summary CVE-2022-1729 Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in […]

Severity High Analysis Summary CVE-2022-1802 CVSS:8.8Mozilla Firefox, Firefox ESR, Firefox for Android and Thunderbird could allow a remote attacker to execute arbitrary code on the system, […]

Severity Medium Analysis Summary A new AgentTesla campaign is seen targeting victims with malspam. AgentTesla is known for stealing data from different applications on victim machines, […]

Severity High Analysis Summary PatchWork, (also known as Mahabusa, White Elephant, hangOver, VICEROY TIGER, The Dropping Elephant) is an APT that mainly conducts cyber-espionage activities against […]