Blog

The Precursor Security Weekly Vulnerability Roundup for week commencing 9th September 2024.

A persistent Cross-Site Scripting vulnerability in WooCommerce Subscriptions before version 2.6.3 allowed unauthenticated users to execute malicious scripts in the WordPress admin panel, leading to potential account takeover and privilege escalation, underscoring the importance of timely updates and integrated security practices in development.

A blog from our SOC Lead on the ransomware landscape related to Citrix Environments.

The Precursor Security Operations Centre have recently achieved the CREST SOC accreditation, validating Precursor’s commitment to delivering the highest quality of Managed Detection & Response (MDR) services to customers.

Microsoft Research has revealed that a vulnerability (CVE-2024-37085) exists that allows a malicious actor to obtain administrative control over VMWare ESXi and deploy ransomware. Precursor Managed Detection & Response team have deployed custom detections to protect customers.