Tag: #InfoSec
Microsoft has addressed a critical Windows MSHTML zero-day vulnerability, tracked as CVE-2024-38112, which has been actively exploited in cyberattacks for eighteen months. This high-severity MHTML spoofing issue, fixed during the July 2024 Patch Tuesday security updates, allowed malicious scripts to bypass built-in security features. Haifei Li of Check Point Research discovered the vulnerability and reported […]
GitLab has issued a critical security alert regarding a severe vulnerability in its GitLab Community and Enterprise editions, potentially allowing attackers to execute pipeline jobs as other users. With over 30 million registered users and adoption by more than 50% of Fortune 100 companies, including T-Mobile, Goldman Sachs, Airbus, Lockheed Martin, Nvidia, and UBS, this […]
Microsoft’s July security update reveals significant vulnerabilities, with attackers already exploiting flaws in the system. The update addresses a staggering 139 CVEs in Microsoft products and four in non-Microsoft products. The July update necessitates prompt action from administrators, given the patching requirements for 139 unique CVEs. Among these, two are actively exploited by attackers, and […]