23 matches found
CVE-2025-30368 Zulip allows the deletion of organization by administrators of a different organization
Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization wa...
How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges
Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post passwords on sticky notes under keyboards,...
BIT-GRAFANA-2024-10452
Organization admins can delete pending invites created in an organization they are not part of...
CVE-2023-7201
CVE-2023-7201 affects the Everest Backup WordPress plugin (versions prior to 2.2.5). The flaw allows high-privilege users (e.g., admin) to upload arbitrary files due to improper validation, including in multisite setups. Red Hat and CVE sources corroborate the same description. Remediation: upgra...
CVE-2023-40316
Based on connected documents, CVE-2023-40316 is referenced as an unpatched vulnerability in Linux distributions (notably Ubuntu). The Nessus unpatched plugin notes affected Ubuntu packages with no vendor-supplied patch available, implying an unresolved issue on Linux hosts until a vendor fix is r...
CVE-2024-25106 OpenObserve Unauthorized Access Vulnerability in Users API
OpenObserve is an observability platform built specifically for logs, metrics, traces, and analytics, designed to work at petabyte scale. A critical vulnerability has been identified in the "/api/orgid/users/emailid" endpoint. This vulnerability allows any authenticated user within an organization to...
CVE-2023-1434
Odoo prior to 16.0 is vulnerable to CVE-2023-1434 due to an incorrect Content-Type on an API endpoint, enabling Cross-Site Scripting. The NUCLEI template notes the issue affects versions before 16.0 and describes the root cause as a mis-set content type in an API handler. In terms of impact, successful e...
Missing Authorization
sentry is vulnerable to Missing Authorization. The vulnerability exists in the download function at debugfiles.py due to not restricting file downloads to unauthenticated users of a different project which allows an attacker to perform arbitrary file downloads of debug or artifact bundles of an...
When is it time for a cyber hygiene audit?
Cyber hygiene is crucial for keeping your organization safe by limiting security breaches, threats against your IT infrastructure, and more. Read on to learn more about what makes up cyber hygiene, and how to audit its effectiveness...
CVE-2021-0792
Android 12 Security Release Notes enumerate CVE-2021-0792 in the System group as an Information Disclosure (Type: ID) vulnerability with Android bug ID A-180938364 and a Moderate severity. The document does not provide exploitable details, affected subcomponents beyond the System classification, ...
Improper Access Control
Sentry is vulnerable to improper access control. The vulnerability exists due to lack of validation in the invite link which allows an attacker to manipulate a cookie resulting in the ability to join an organization using multiple accounts with a single invite link...
Top Five Patch Management & Process Best Practices
Explore the top patch management best practices to mitigate the growing threat of vulnerability exploits in your organization...
Racoon Stealer is Back — How to Protect Your Organization
The Racoon Stealer malware as a service platform gained notoriety several years ago for its ability to extract data that is stored within a Web browser. This data initially included passwords and cookies, which sometimes allow a recognized device to be authenticated without a password being...
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
March 24, 2022 update - As Microsoft continues to track DEV-0537's activities, tactics, and tools, we're sharing new detection, hunting, and mitigation information to give you additional insights on remaining vigilant against these attacks. In recent weeks, Microsoft Security teams have been...
CISA Releases Guidance on Protecting Organization-Run Social Media Accounts
CISA has released Capacity Enhancement Guide CEG: Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber actors that successfully compromise social media accounts—including accounts used by federal agencies—could spre...
Insider threats: If it can happen to the FBI, it can happen to you
If you’re worried about the risk of insider threats, you’re not alone. It can affect anyone, even the FBI. A federal grand jury has just charged a former intelligence analyst with stealing confidential files from 2004 to 2017. That’s an incredible 13 years of “What are you doing with that pile of...
Tips to avoid the new wave of ransomware attacks
There have been a lot of changes in ransomware over time. We want to help you protect your organization from this growing attack trend...
ecco-shoes.by Cross Site Scripting vulnerability OBB-1464462
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Cybersecurity Awareness Month: 2020 in Retrospect
For cyber defenders worldwide, 2020 has been an unprecedented year. CISOs and their security teams have battled increased attack volumes and data breaches as malicious actors seized the opportunity to exploit the disruption caused by the global pandemic. Cybercriminals are now deploying a wide range...
Helium: Read-only user can delete higher privileged members using open DELETE /api/memberships/<membershipID> endpoint
Summary The /api/memberships/membershipID endpoint on console.helium.com is open to anyone, including read-only users in an organization. This means that a read-only member can kick a manager, administrator, or even the owner out of an organization using this vulnerability. Steps to Reproduce: 1...
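Several of the results above (the Zulip export deletion CVE-2025-30368, the Grafana pending-invite deletion BIT-GRAFANA-2024-10452, the Sentry debug-file download, and this Helium membership endpoint) share one root cause: a delete or download handler looks an object up by its id alone and checks, at most, the caller's role, never that the object belongs to the caller's organization or that the target outranks the caller. The following Python is an added illustration written for this listing, not code from any of those projects; the data model, the role ranking, and the function names are assumptions. It shows the flawed pattern next to a tenant-scoped version, and a membership-removal check that also refuses to let a lower-privileged member remove a higher-privileged one.

```python
"""Tenant-scoped authorization for delete handlers (added example; the model,
role ranks and helper names are assumptions, not any project's real code)."""
from dataclasses import dataclass, field
from typing import Dict

ROLE_RANK = {"readonly": 0, "member": 1, "admin": 2, "owner": 3}


@dataclass
class User:
    user_id: int
    org_id: int
    role: str


@dataclass
class Export:
    export_id: int
    org_id: int


@dataclass
class Store:
    """In-memory stand-in for the database (constructed sample data)."""
    exports: Dict[int, Export] = field(default_factory=dict)
    members: Dict[int, User] = field(default_factory=dict)  # membership_id -> user


class Forbidden(Exception):
    pass


class NotFound(Exception):
    pass


def delete_export_vulnerable(store: Store, user: User, export_id: int) -> bool:
    """Flawed pattern: role is checked, but the lookup is global, so an admin
    of org 1 can delete an export that belongs to org 2."""
    if ROLE_RANK[user.role] < ROLE_RANK["admin"]:
        raise Forbidden("admin role required")
    if export_id not in store.exports:
        raise NotFound(export_id)
    del store.exports[export_id]
    return True


def delete_export_fixed(store: Store, user: User, export_id: int) -> bool:
    """Hardened: the lookup is scoped to the caller's organization. An object in
    another tenant is reported exactly like a missing one, so existence of
    other tenants' objects is not leaked either."""
    if ROLE_RANK[user.role] < ROLE_RANK["admin"]:
        raise Forbidden("admin role required")
    export = store.exports.get(export_id)
    if export is None or export.org_id != user.org_id:
        raise NotFound(export_id)
    del store.exports[export_id]
    return True


def remove_member_fixed(store: Store, caller: User, membership_id: int) -> bool:
    """Membership removal with both checks the Helium report implies were
    absent: same-organization scoping and a rank comparison, so a read-only
    member cannot remove a manager, administrator or owner."""
    target = store.members.get(membership_id)
    if target is None or target.org_id != caller.org_id:
        raise NotFound(membership_id)
    if ROLE_RANK[caller.role] < ROLE_RANK["admin"]:
        raise Forbidden("admin role required to remove members")
    if ROLE_RANK[target.role] > ROLE_RANK[caller.role]:
        raise Forbidden("cannot remove a higher-privileged member")
    del store.members[membership_id]
    return True


def sample_store() -> Store:
    # Constructed sample: export 1 / owner membership 100 belong to org 1,
    # export 2 belongs to org 2.
    return Store(
        exports={1: Export(1, 1), 2: Export(2, 2)},
        members={100: User(user_id=1, org_id=1, role="owner")},
    )


def demo() -> dict:
    """Run both export handlers as an admin of org 1 against org 2's export,
    then try the membership removal as a read-only member of org 1."""
    attacker = User(user_id=10, org_id=1, role="admin")
    readonly = User(user_id=11, org_id=1, role="readonly")
    r = {}
    s = sample_store()
    r["vulnerable_cross_org_delete"] = delete_export_vulnerable(s, attacker, 2)
    s = sample_store()
    try:
        delete_export_fixed(s, attacker, 2)
        r["fixed_cross_org_delete"] = True
    except NotFound:
        r["fixed_cross_org_delete"] = False
    r["fixed_own_org_delete"] = delete_export_fixed(s, attacker, 1)
    try:
        remove_member_fixed(s, readonly, 100)
        r["readonly_removed_owner"] = True
    except Forbidden:
        r["readonly_removed_owner"] = False
    return r


if __name__ == "__main__":
    print(demo())
```

The point of filtering by `org_id` inside the lookup rather than in a later `if` is that the check cannot be forgotten by a new endpoint that reuses the helper, and that the response for "not yours" and "does not exist" is identical.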