The DHS body’s primary focus will be on addressing vulnerabilities in the commonly used Log4j software library, but will also incorporate findings on the ‘SolarWinds’ hack....
Implementation flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a variety of applications, a security researcher has revealed. This included Dropbox’s digital signature platform,...
Multiple vulnerabilities in Cisco Small Business routers could allow any unauthenticated actor to potentially plant a backdoor in devices, allowing for persistent access to internal networks....
The Open Source Security Foundation (OpenSSF) has launched a project to improve the security of the open source software ecosystem, backed by a $5 million investment from Microsoft...
A cross-site scripting (XSS) vulnerability in Zimbra is being actively exploited in attacks targeting European media and government organizations. Zimbra is an email and collaboration platform that...
Accounting and tax software provider Intuit has notified customers of an ongoing phishing campaign impersonating the company and trying to lure victims with fake warnings that their...
Target, one of the largest American department store chains and e-commerce retailers, has open sourced ‘Merry Maker’ – its years-old proprietary scanner for payment card skimming....
A state-backed Chinese APT actor tracked as ‘Antlion’ has been using a new custom backdoor called ‘xPack’ against financial organizations and manufacturing companies. The malware has...
The rising adoption of multi-factor authentication (MFA) for online accounts pushes phishing actors to use more sophisticated solutions to continue their malicious operations, most notably reverse-proxy...
Cisco has patched 14 vulnerabilities affecting some of its Small Business RV Series routers, the worst of which may allow attackers to achieve unauthenticated remote code...