Multiple critical vulnerabilities affecting Windows and PHP systems have been identified, allowing remote code execution without authentication. These vulnerabilities, including CVE-2024-4577, CVE-2024-30078, and CVE-2024-30080, enable attackers to install malware or ransomware via Wi-Fi or SQL injection. Security experts urge immediate patching to prevent exploitation.
Windows flaw lets hackers sneak into your PC over Wi-Fi https://t.co/sEYwkb9SZf
This vulnerability was quite nasty. PHP users should patch their servers quickly. https://t.co/TPEQG1W7eZ
hELLo i HaVe a WoRKiNG eXpLOiT fOr CVE-2024-30078 fOr ThE PRiCE oF FiVE tHoUsAnD dOLLaRsSssS https://t.co/sCHXscf9wu
hELLo i HaVe a WoRKiNG eXpLOiT fOr CVE-2024-37008 fOr ThE PRiCE oF FiVE tHoUsAnD dOLLaRsSssS https://t.co/9wx1PwGAP1
Ouch. The Windows Wi-Fi driver can be exploited by an attacker that is within Wi-Fi range. It requires no interaction from the victim and no prior knowledge of the system from the attacker. Just like the movies! It affects all modern versions of Windows. Patch immediately! 👇
Thousands of servers infected with ransomware via critical PHP vulnerability https://t.co/QzPQMnW4nA
New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now https://t.co/iN917EBqSD
By me @Forbes: This Wi-Fi driver vulnerability impacts all versions of Windows and enables a no-interaction, no-authentication remote code attack as long as the attacker is in range. #infosec #windows #wifi https://t.co/DO1z4ClpK7
PoC Exploit Emerges for Critical RCE Bug in Ivanti Endpoint Manager: https://t.co/h2SOnFAGo6 by darkreading #infosec #cybersecurity #technology #news
Somewhat buried in Microsoft's Patch Tuesday release this month is CVE-2024-30078 That allows someone in Wi-Fi range to run malware on a victim's Windows PC with no authentication. Wireless remote code execution Found by Beijing's Cyber Kunlun team https://t.co/BzkmH7j7fA
A very serious vulnerability. Zero-click email RCE. Patch immediately. https://t.co/LJprO97ESM
⚠️ We are now tracking CVE-2024-29824, which is a remote code execution vulnerability (via SQL injection and xp_cmdshell) in Ivanti Endpoint Protection Manager, based on the proof of concept built by @horizon3ai. https://t.co/S7Ul6Qeq3K
Critical Microsoft Message Queuing (MSMQ) Remote Code Execution (RCE) vulnerability CVE-2024-30080 ~256,000 publicly exposed devices: https://t.co/qjYHm5hikZ https://t.co/DQdwlz6u0t Check our free Accessible MSMQ Service Report & patch immediately: https://t.co/F80eTnh6cx https://t.co/X51kAWyOnr
CVE-2024-4577, a PHP flaw that could lead to RCE, is now being actively exploited. #cybersecurity #ITsecurity #ransomware https://t.co/vDbcCK5Bym
Our deep-dive for the recent #Ivanti Endpoint Manager (EPM) unauth SQL injection to RCE vulnerability: CVE-2024-29824. https://t.co/T7rewDadSe
Windows security hole allows attackers to install malware via Wi-Fi — new patch plugs gaping vulnerability https://t.co/tSqmlmNeRS https://t.co/wsM8UF4CST