Donot APT Group Targeting Pakistan – Active IOCs

July 30, 2024

Maritime Facilities in Several Countries Targeted by New SideWinder Cyberattacks – Active IOCs

July 30, 2024

CVE-2024-41655 – Node.js tf2-item-format module Vulnerability

July 30, 2024

Severity

High

Analysis Summary

CVE-2024-41655

Node.js tf2-item-format module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.

Impact

Denial of Service

Indicators of Compromise

CVE

CVE-2024-41655

Affected Vendors

Node.js

Affected Products

Node.js tf2-item-format tf2-item-format 5.9.13

Remediation

Upgrade to the latest version of tf2-item-format, available from the Node.js GIT Repository.

Node.js GIT Repository

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Donot APT Group Targeting Pakistan – Active IOCs

Maritime Facilities in Several Countries Targeted by New SideWinder Cyberattacks – Active IOCs

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation