security patch update – Threat Note

From Cyber Security News – WordPress Plug-in Vulnerability Let Hackers Inject Malicious SQL Queries

A critical vulnerability in GamiPress, a popular WordPress plugin used for gamification and rewards systems on websites. The high-impact flaw, categorized as CVE-2024-13496 with a CVSS 3.1 score of 7.5,…

shaikh Saqib March 24, 2025

News

From The Hacker News – GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows

shaikh Saqib March 13, 2025

News

From Cyber Security News – Critical Vulnerability in Wazuh Server Enables Remote Attackers to Execute Malicious Code

A critical remote code execution (RCE) vulnerability has been discovered in the Wazuh server, a popular open-source security platform used for threat detection and compliance monitoring. Identified as CVE-2025-24016, this…

shaikh Saqib March 3, 2025

News

From Cyber Security News – 90,000 WordPress Sites Vulnerable to Local File Inclusion Attacks

A severe security flaw in the Jupiter X Core plugin for WordPress exposed over 90,000 websites to Local File Inclusion (LFI) and Remote Code Execution (RCE) attacks. The vulnerability tracked as CVE-2025-0366…

shaikh Saqib February 19, 2025

News

From Cyber Security News – Windows Storage 0-Day Vulnerability Let Attackers Delete The Target Files Remotely

A significant security vulnerability has been identified in Windows, allowing attackers to remotely delete targeted files on affected systems. This vulnerability, tracked as CVE-2025-21391, was disclosed on February 11, 2025,…

shaikh Saqib February 12, 2025