Connect with us
Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks. MikroTik is a Latvian manufacturer of routers...
A Mirai-based botnet called ‘Moobot’ is spreading aggressively via exploiting a critical command injection flaw in the webserver of many Hikvision products. Hikvision is a state-owned...
Attackers could have modified the nameservers of any domain under Tonga’s country code top-level domain (ccTLD) due to a vulnerability in the TLD registrar’s website, security...
Developers have resolved a series of vulnerabilities in storage technologies from Kaseya, including two critical flaws that each posed a remote code execution risk. Two unauthenticated SQL injection...
A vulnerability in Jamf Pro, a popular mobile device management (MDM) platform for Apple devices, allowed attackers to stage server-side request forgery (SSRF) attacks on the application’s servers,...
Vulnerabilities in a recent version of CATIE Web, an online platform designed for the needs of older adults in assisted living settings, create a data exposure...
Researchers have discovered 27 vulnerabilities in Eltima SDK, a library used by numerous cloud providers to remotely mount a local USB device. Due to the pandemic...
Critical vulnerabilities in open source forum platform NodeBB could allow attackers to steal private information and access admin accounts, researchers have warned. NodeBB is a JavaScript-based...
An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including defense and tech. “Successful exploitation...
UPDATED A tool has been launched with support from Google that scans Python environments for packages with known vulnerabilities. ‘Pip-audit’ leverages the PyPI JSON API to compare dependencies against...
