Connect with us
More than 1,000 popular websites and 18 widely used JavaScript libraries are vulnerable to prototype pollution, an obscure attack technique that targets the structure of JavaScript objects,...
Organizations are urged to be more proactive when it comes to protecting against vulnerabilities, after a report found that malicious attackers routinely exploit unpatched systems. The 2021 Trustwave...
Recently, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability — CVE-2021-22005 — in the Analytics service. A malicious cyber actor...
Multiple security vulnerabilities in open source status page system Cachet could allow an attacker to execute arbitrary code and steal sensitive data, researchers have warned. Cachet is a...
OWASP celebrated its 20th anniversary last week with a 24-hour webinar that saw the organization officially launch the top 10 web security vulnerabilities for 2021. The online...
Attackers are actively exploiting a critical vulnerability in VMware vCenter Server that exposes vulnerable enterprise networks to the risk of infiltration. The arbitrary file upload flaw (CVE-2021-22005) –...
Opera has patched a severe cross-site scripting (XSS) to remote code execution (RCE) web browser flaw. The browser-maker runs a technical blog series on the most interesting vulnerabilities...
Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text. Guardicore security researcher...
SonicWall has issued a security notice about its SMA 100 series of appliances. The vulnerability could potentially allow a remote unauthenticated attacker the ability to delete arbitrary files...
Numerous vulnerabilities have been identified and fixed in Apache HTTP Server 2.4, including high-impact server-side request forgery (SSRF) and request smuggling bugs. The Apache HTTP Server Project is...
