CVE-2024-13426 WP-Polls <= 2.77.2 - Unauthenticated SQL Injection to Stored
CVE-2025-23087 This CVE has been issued to inform users that they are using
CVE-2025-23089 This CVE has been issued to inform users that they are using
CVE-2025-23088 This CVE has been issued to inform users that they are using
CVE-2025-23090 With the aid of the diagnostics_channel utility, an event ca
CVE-2025-0625 CampCodes School Management Software Attachment resource inj
RHSA-2025:0577 Important: Red Hat multicluster global hub 1.3.2 enhancement
RHSA-2025:0576 Important: Red Hat Advanced Cluster Management 2.9.6 bug fix
CVE-2024-13091 WPBot Pro Wordpress Chatbot <= 13.5.4 - Unauthenticated Arbi
CVE-2023-50733 A Server-Side Request Forgery (SSRF) vulnerability exists in
Popular Wordpress plugin vulnerability exposes 1 million WordPress sites

Popular Wordpress plugin vulnerability exposes 1 million WordPress sites

Giulio Saggin
Giulio Saggin
Thursday 16 January 2025

A critical vulnerability has been discovered in the popular W3 Total Cache plugin for WordPress, potentially exposing millions of websites to unauthorized access and exploitation.

Microsoft January 2025 Patch Tuesday Fixes 159 Vulnerabilities, Including 8 Zero-Days and 3 Actively Exploited Flaws

Microsoft January 2025 Patch Tuesday Fixes 159 Vulnerabilities, Including 8 Zero-Days and 3 Actively Exploited Flaws

MacOS Sequoia 15.1.1: Critical Security Update Addresses Web-Based Vulnerabilities

MacOS Sequoia 15.1.1: Critical Security Update Addresses Web-Based Vulnerabilities

CVE-2024-38094: Microsoft SharePoint Deserialization Vulnerability

CVE-2024-38094: Microsoft SharePoint Deserialization Vulnerability

Critical Vulnerabilities in Palo Alto Networks’ Expedition Tool Expose Systems to Unauthorized Access and Administrative Takeover

Critical Vulnerabilities in Palo Alto Networks’ Expedition Tool Expose Systems to Unauthorized Access and Administrative Takeover

Cyberattackers Exploit Google Sheets for Malware Control

Cyberattackers Exploit Google Sheets for Malware Control

Chinese Company and National Sanctioned For 2020 Attack On 80,000+ Firewalls

Chinese Company and National Sanctioned For 2020 Attack On 80,000+ Firewalls

Giulio Saggin
Giulio Saggin
Wednesday 11 December 2024

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned and named a Chinese company and national as those responsible for the April 2020 attack on 80,000+ firewalls worldwide.

International Cyber Security Agencies List Top 15 Exploited Vulnerabilities Of 2023

International Cyber Security Agencies List Top 15 Exploited Vulnerabilities Of 2023

Cyber security agencies from around the world have co-authored a joint Cyber Security Advisory, listing the top 15 most frequently exploited vulnerabilities in 2023.

SEC Charges Four Companies Over Misleading SolarWinds Disclosures

SEC Charges Four Companies Over Misleading SolarWinds Disclosures

The SEC has charged four major companies for making misleading disclosures in relation to the 2020 SolarWinds attack.

LEGO Shop Hacked To Promote Ethereum Crypto Scam

LEGO Shop Hacked To Promote Ethereum Crypto Scam

The LEGO homepage has been breached and an image of golden coins bearing the company logo has appeared, along with claims that the "Lego coin" has been officially released.

Why Every Organisation Needs Real-Time Cybersecurity Alerts

Why Every Organisation Needs Real-Time Cybersecurity Alerts

Real-time vulnerability alerts are critical for cybersecurity. Challenges like data overload, delays, and skill gaps hinder their effectiveness. Balancing speed, accuracy, and coverage is key. SecAlerts offer tailored, swift alerts, crucial in today's threat landscape.

Critical Vulnerabilities Microsoft Azure DevOps and Azure CLI - CVE2023-36437 & CVE2023-36052
Seemlingly harmless sound clips can compromise our smart assistants security and privacy.
What is PCI DSS Requirement 6.1?

What is PCI DSS Requirement 6.1?

There are 12 PCI DSS Requirements that need to be met to attain PCI compliance. One of those, Requirement 6, ensures that an entity has its software protected by up-to-date "vendor-provided security patches".

What is PCI DSS Requirement 6?

What is PCI DSS Requirement 6?

The official explanation of PCI DSS Requirement 6 is summed up as "Develop and maintain secure systems and applications". In other words, an entity attaining PCI compliance needs to have its software protected by up-to-date "vendor-provided security patches".

What is an Approved Scanning Vendor (ASV)?

What is an Approved Scanning Vendor (ASV)?

Discover the Complexities Behind PCI Compliance: Unraveling the Critical Role of External Scans, Internal Vulnerability Checks, and the Cruciality of Requirement 6.1 in Cybersecurity. Explore how ASVs and Services like SecAlerts Play Key Roles in This Compliance Puzzle!

What is a zero-day?

What is a zero-day?

A zero-day refers to a vulnerability in software or hardware that is unknown to the vendor or the public. It's called "zero-day" because once it's discovered, attackers can exploit it immediately, leaving zero days for the vendor to fix it.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203