CVE-2024-57968 – Threat Note

From Cybersecurity Help – Edimax acknowledges exploited vulnerability in IC-7100 cameras, no patch

No security patches or firmware updates will be released because the product was discontinued more than ten years ago. Read More

shaikh Saqib March 11, 2025

News

From The Hacker News – CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-57968 - An unrestricted file upload vulnerability in Advantive VeraCore

shaikh Saqib March 11, 2025

News

From Dark Reading – XE Group Shifts From Card Skimming to Supply Chain Attacks

The likely Vietnam-based threat actor has been using two zero-days in VeraCore's warehouse management software in some of its latest cyberattacks. Read More

shaikh Saqib February 11, 2025

News

From The Hacker News – XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells

Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and web shells, and maintain persistent remote access to compromised systems. The zero-day exploitation of security flaws in VeraCore has been attributed to a threat actor known as XE Group, a cybercrime

shaikh Saqib February 10, 2025