The vulnerabilities CVE-2024-0012 and CVE-2024-9474 exploit weaknesses in the PAN-OS management interface, allowing attackers to bypass authentication and escalate privileges, potentially resulting in unauthorized control over network devices. Addressing these vulnerabilities quickly and effectively is critical to maintaining security and compliance.

The NuPoint Unified Messaging (NPM) module in Mitel MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201) is vulnerable to a path traversal attack caused by insufficient input validation. This vulnerability could be exploited by an unauthenticated attacker to gain unauthorized access to sensitive files, potentially allowing them to read, alter, or delete user data and critical system settings. The Mitel MiCollab Arbitrary File Read Vulnerability combines CVE-2024-41713 with another yet-to-be-assigned issue.

On December 2, 2024, the Solana community faced a significant security incident involving the @solana/web3.js npm package, a critical library for developers building on the Solana blockchain with over 450K weekly downloads. This blog post aims to break down the attack flow, explore how it happened, and discuss the importance of supply chain security.

Confluent Cloud is a Kafka–as-a-service solution that simplifies the deployment, scaling, and operation of Kafka clusters. A popular feature is its Apache Kafka connectors, which make it easy to connect your Kafka clusters to any of 120+ third-party streaming data sources and destinations.

We are beyond excited to share some fantastic news with our community: Jazzer is now fully open source again under the Apache 2.0 license!