Connect with us
Critical vulnerabilities in elFinder, the popular open source web file manager, can enable unauthenticated attackers to execute arbitrary PHP code on servers hosting elFinder’s back-end PHP connector. JavaScript-based...
A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute...
A Razer Synapse zero-day vulnerability has been disclosed on Twitter, allowing you to gain Windows admin privileges simply by plugging in a Razer mouse or keyboard....
Microsoft was informed about the vulnerability by Google but the company claimed it to be a “non-issue” and that it “will not fix it.” On Thursday,...
A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. ProxyShell is the name...
Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 Big-IP, IBM QRadar and Palo Alto Networks PAN-OS. Authentication is the front gate to...
Microsoft first dismissed the elevation of privilege flaw but decided yesterday that attackers injecting malicious code is worthy of attention. It looked like Google Project Zero...
A vulnerability has been discovered in Fortinet’s web application firewall (WAF) that allows attackers to run arbitrary commands on devices and servers running the security software,...
BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156, with a CVSS score of 9. BadAlloc is a collection of...
A cross-site scripting (XSS) vulnerability in a popular WordPress plugin could allow an attacker to completely take over a website, researchers have warned. The flaw made it possible...
