Threat Intelligence

A blind XML External Entity (XXE) injection vulnerability in Wordpress, tracked as CVE-2021-29447 allows authenticated users to steal files.

Threat actors discussing the exploit for CVE-2022-26809, an RCE present in the Windows RPC runtime.

Two application that impersonates the Directorate of Kerala Lotteries. These applications lure people into buying lottery tickets online.

Access to Acronis Cloud instance used by 43 US-based companies on sale.

CloudSEK’s contextual AI digital risk platform XVigil, discovered a threat actor group named Team Mysterious Bangladesh who claimed to have compromised the CBHE Delhi, India. The group mentioned leaking information about students from 2004 to 2022.

Jira released an advisory about the newly identified path traversal and read file vulnerability, CVE-2021-26086, in the Jira Software Server. Threat actors could exploit this vulnerability to poison the server logs, thereby causing remote code execution and/ or exfiltration of sensitive files and information.

CloudSEK threat intelligence advisory on malware-laced Google Chrome, Microsoft Edge extensions, pose as video downloader applications.

A website called Zoom Leaks advertises itself as a public forum used to share session codes, on the popular live conference software zoom.