Severity High Analysis Summary Xloader Malware is next in line to another well known Windows-based info stealer called Formbook that’s known to void credentials from web […]

Severity High Analysis Summary A security researcher has recently released the PoC (proof-of-concept) of CVE-2021-42321, Exchange Post-Authentication RCE affecting Microsoft Exchange servers.  Threat actors are targeting unpatched environments and Microsoft […]

Severity High Analysis Summary Mass scanning activity detected from different hosts targeting Microsoft Exchange servers vulnerable to ProxyShell (CVE-2021-34473).It is critical to keep your servers patched […]

Severity High Analysis Summary CVE-2021-43019  Adobe Creative Cloud could allow a remote attacker to gain elevated privileges on the system, caused by improper access control. By […]

Severity High Analysis Summary CVE-2021-40369  Apache JSPWiki is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Denounce plugin. A remote attacker […]

Severity High Analysis Summary CVE-2021-22049 VMware vCenter Server is vulnerable to server-side request forgery. By accessing a URL request outside of vCenter Server or accessing an […]

Severity High Analysis Summary CVE-2021-31852  McAfee Policy Auditor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this […]

Severity Medium Analysis Summary Squirrelwaffle is a malspam loader that emerged in September, 2021 which utilizes malicious links or Microsoft Office files spread through spam campaigns […]

Severity Medium Analysis Summary CVE-2021-38980  IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker […]