Featured Story
Critical 7-Zip Vulnerability Lets Attackers Execute Arbitrary Code
A severe vulnerability (CVE-2024-11477) in 7-Zip, the popular file compression utility, allows attackers to execute malicious code through specially crafted archives. Rated 7.8 on the CVSS scale, the flaw lies in the Zstandard decompression implementation, where improper validation of user-supplied data results in an integer underflow.
Attackers can exploit this vulnerability by distributing malicious archives, often via email or file-sharing methods. The flaw is especially concerning in Linux environments where the Zstandard format is more common.
This incident underscores the importance of proper input validation in software that handles untrusted data. Organizations relying on 7-Zip should immediately upgrade to version 24.07. Because the application does not support auto-updates, manual patching is critical to avoid exploitation.
Other Stories
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
CVE-2024-11680 (CVSS 9.8) is a critical flaw in the open-source ProjectSend file-sharing app that allows remote code execution due to improper authorization checks. Attackers have been exploiting this since September 2024 to deploy web shells on exposed servers.
If you’re using ProjectSend, update to version r1720 or later immediately. Only ~1% of exposed servers are patched. Our SOC can assist with vulnerability management and exploitation detection for ProjectSend and similar systems.
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
CVE-2024-10542 and CVE-2024-10781 affect the CleanTalk Spam Protection and Firewall plugin. The flaws allow unauthenticated attackers to install and activate malicious plugins, potentially leading to remote code execution on over 200,000 WordPress sites.
Always keep plugins up to date. We strongly advise updating to versions 6.44 or 6.45 of CleanTalk immediately. Vulnerable plugins are common entry points for website compromises.
Beware: Fake Emails Circulating in the Name of Christian Mutuality
Phishing emails are circulating that impersonate Christian Mutuality, claiming a document is available through a malicious link. These emails aim to steal personal or banking information and are considered a widespread threat.
Do not click on links or open attachments in unexpected messages. Always access services via official websites. Report suspicious messages to suspicious@safeonweb.be; text messages can be screenshotted and sent to the same address.
Contact the Approach Cyber SOC team for tailored support and training programs.