9Eki
Jenkins RCE Attack
Cyber threat actors target Jenkins Arbitrary File Read vulnerability (CVE-2024-23897) in ransomware attacks. FortiGuard Labs continues to see active attack telemetry targeting the vulnerability.
Son Yazılar
- Device using China Mobile DNS server querying for what appears to be VoIP address
- CVE-2025-0429 | AI Power Plugin up to 1.8.96 on WordPress wpaicg_export_ai_forms code injection
- CVE-2024-12117 | Stackable Plugin up to 3.13.11 on WordPress Gutenberg Block cross site scripting
- CVE-2024-13361 | AI Power Plugin up to 1.8.96 on WordPress Shortcode authorization
- CVE-2024-13319 | Themify Builder Plugin up to 7.6.5 on WordPress cross site scripting
- CVE-2024-13360 | AI Power Plugin up to 1.8.96 on WordPress server-side request forgery
- CVE-2024-13406 | XML for Google Merchant Center Plugin up to 3.0.11 on WordPress cross site scripting
- CVE-2025-0428 | AI Power Plugin up to 1.8.96 on WordPress wpaicg_export_prompts code injection
- CVE-2025-23195 | Apache Ambari up to 2.7.8 DocumentBuilderFactory xml external entity reference
- CVE-2024-51941 | Apache Ambari up to 2.7.8 Ambari Metrics/AMS Alerts special elements into a different plane (special element injection)