Aggregator

Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor's cloud platform. [...]

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA released one Industrial Control Systems (ICS) advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

A vulnerability was found in JetBrains TeamCity. It has been rated as problematic. This issue affects some unknown processing of the component Commit Status Publisher. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-36371. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JetBrains TeamCity. It has been declared as problematic. This vulnerability affects unknown code of the component Report Group Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-36366. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in JetBrains TeamCity. Affected is an unknown function of the component Code Inspection Report Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-36363. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in JetBrains TeamCity. Affected by this vulnerability is an unknown functionality of the component Third-Party Report Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-36367. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in JetBrains TeamCity. Affected by this issue is some unknown functionality of the component OAuth Provider Configuration Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-36368. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in JetBrains TeamCity. This affects an unknown part of the component Issue Tracker Integration. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-36369. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in JetBrains TeamCity and classified as problematic. This vulnerability affects unknown code of the component OAuth Connection Setting Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-36370. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JetBrains TeamCity and classified as problematic. This issue affects some unknown processing of the component Subscription Page. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-36372. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JetBrains TeamCity. It has been classified as problematic. Affected is an unknown function of the component Untrusted Builds Setting Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-36373. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JetBrains TeamCity up to 2024.03.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Build Step Setting Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-36374. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in F5 NGINX Plus and NGINX Open Source. It has been rated as problematic. Affected by this issue is some unknown functionality of the component HTTP3 QUIC Handler. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-31079. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in F5 NGINX Plus and NGINX Open Source. This affects an unknown part of the component HTTP3 QUIC Handler. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-35200. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in F5 NGINX Plus and NGINX Open Source. This vulnerability affects unknown code of the component HTTP3 QUIC Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2024-32760. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in F5 NGINX Plus and NGINX Open Source. This issue affects some unknown processing of the component HTTP3 QUIC Handler. The manipulation leads to memory leak. The identification of this vulnerability is CVE-2024-34161. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Специалисты учат ИИ говорить «не знаю», когда нет уверенности в ответе.

Credential stuffing has emerged as one of the most pervasive and effective attack vectors in today’s cybersecurity landscape. This technique, which leverages stolen username and password combinations across multiple platforms, has been significantly enhanced through a sophisticated automation tool called Atlantis AIO (All-In-One), enabling threat actors to execute attacks at unprecedented scale and efficiency. The […]

The post Threat Actors Using Powerful Cybercriminal Weapon ‘Atlantis AIO’ to Automate Credential Stuffing Attacks appeared first on Cyber Security News.