The Office of the National Cyber Director wants software providers to “contribute back to the security of the open source software they depend upon.” The federal...
An unfixed hardcoded encryption key flaw in Dell’s Compellent Integration Tools for VMware (CITV) allows attackers to decrypt stored vCenter admin credentials and retrieve the cleartext...
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor malware named ‘Whirlpool’ used in attacks on compromised Barracuda Email Security Gateway (ESG)...
A senior research scientist at Google has devised new CPU attacks to exploit a vulnerability dubbed Downfall that affects multiple Intel microprocessor families and allows stealing...
Today is Microsoft’s August 2023 Patch Tuesday, with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities. While twenty-three RCE...
Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have...
Microsoft’s Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux,...
SAP has released patches for 16 vulnerabilities with Critical, High, Medium, and Low severities. The CVSS scores for these vulnerabilities are between 3.7 (Low) and 9.8...
The top 5 security vulnerabilities for 2023 have been revealed by a recent study, with Apache and OpenSSH services being the most vulnerable. MOVEit and Barracuda Networks’ attacks...
Phantom Speculation and Training in Transient Execution are two novel techniques that have been identified to leak arbitrary information from all modern CPUs. A new technique...