A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites. “The SureTriggers: All-in-One Automation Platform plugin
Read More
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below – The updates are now available for the following operating system versions – The fixes cover the following devices – The
Read More
Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to a container escape attack and allow for unauthorized access
Read More
Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that’s under development to its users. The extensions, named “ahban.shiba” and “ahban.cychelloworld,” have since been taken down by the marketplace maintainers. Both the extensions, per ReversingLabs, incorporate code that’s designed to invoke a PowerShell command, which
Read More
Our mission is to educate our customer base, build capacity in every country we operate in and make cyber security affordable to all