Pager 11 - Senthorus Blog

CVE-2023-7028 Gitlab Account-Take-Over Vulnerability

Critical GitLab flaw (CVE-2023-7028) lets hackers hijack accounts via email trick—no login needed. Learn how it works and how to stay protected.

By Leo Duntze

CVE-2023-46604: Critical RCE in Apache ActiveMQ Exploited by Kinsing Malware

The critical CVE-2023-46604 flaw in Apache ActiveMQ allows remote code execution, exploited to deploy malware like the Kinsing crypto miner.

By Leo Duntze

Ivanti VPN Zero-Day Exploits: CVE-2023-46805 & CVE-2024-21887

Two Ivanti VPN zero-days enable remote code execution; Volexity links the attacks to UTA0178 and urges urgent patching and forensic investigation.

By Natacha Bakir

The Log4Shell Vulnerability

Log4Shell (CVE-2021-44228) is a critical flaw in Log4j 2 allowing remote code execution, affecting millions of systems worldwide.

By Rayan Annabi

CVE-2023-22518 and how it is used in recent Ransomware Attacks

CVE-2023-22518 allows remote attackers to reset Confluence servers and deploy ransomware; patching and backups are critical for defense.

By Leo Duntze