Security researchers discovered critical vulnerabilities in Appsmith, notably CVE-2024-55963, allowing unauthenticated attackers to execute system commands via misconfigured PostgreSQL databases in versions 1.20 to 1.51. Other issues included CVE-2024-55964 (Insecure Direct Object Reference) and CVE-2024-55965 (Denial of Service). Appsmith has patched these vulnerabilities in versions 1.48 to 1.52; users should upgrade immediately for protection.

CISA Details New RESURGE Malware Used In Ivanti Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has detected a new malware variant termed RESURGE, which can modify files and manipulate integrity checks. The