CERT Poland has received a report about 3 vulnerabilities (CVE-2024-3459, CVE-2024-3460 and CVE-2024-3461) found in Kioware for Windows software.

CERT Polska is observing a malicious e-mail campaign targeting Polish government institutions conducted by the APT28 group.

Improper Input Validation vulnerability (CVE-2024-3955) has been found in PiBrewing CraftBeerPi 4 software.

Improper Access Control vulnerability (CVE-2024-2759) has been found in Apaczka plugin for PrestaShop.

CERT Poland has received a report about three vulnerabilities (from CVE-2024-2463 to CVE-2024-2465) found in CDeX software.

CERT Poland has received a report about three vulnerabilities (from CVE-2024-1604 to CVE-2024-1606) found in BMC Control-M software.

RCE (Remote Code Execution) vulnerability has been found in the Laragon open source software (CVE-2024-0864).

CERT Poland has received a report about three vulnerabilities (CVE-2023-4537, CVE-2023-4538, CVE-2023-4539) found in Comarch ERP XL software.

CERT Poland has received a report about using hard-coded credentials in iZZi connect application and assigned it the number CVE-2024-0390.

One of the key cybersecurity challenges in Europe is reducing reliance on threat intelligence from non-EU countries. The FETTA (Federated European Team for Threat Analysis) project aims to address this issue by creating a federated team that spans across borders, providing Cyber Threat Intelligence (CTI) products and tooling.