Connect with us
An XML External Entity (XXE) injection bug in WordPress could allow attackers to remotely steal a victim’s files, researchers have revealed. Security researchers at SonarSource who discovered the...
As machine learning (ML) systems become a staple of everyday life, the security threats they entail will spill over into all kinds of applications we use,...
The exploitation of ProxyLogon vulnerabilities in Microsoft Exchange servers has exploded to an extent that threat actors are modifying their attacks to distribute a variety of...
Between October 2020 and February 2021, Unit 42 researchers periodically scanned and analyzed unsecured Kubernetes (also known as k8s) clusters on the internet. Kubernetes clusters can...
A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero (XMRig) miner and self-spreader malware payloads. First spotted...
Computer scientists who submitted supposed security patches that actually added security vulnerabilities to the Linux kernel have been placed under investigation by their university. Qiushi Wu and Kangjie...
Open Bug Bounty has around 1,300 active bug bounty programs and 22,000 registered security researchers, and is approaching one million coordinated disclosures, resulting in around half a...
Games publisher Valve has belatedly resolved a critical security flaw in its popular Steam platform that it was first notified of two years ago. However, a...
WhiteHat Security released AppSec Stats Flash Vol. 4, the latest installment of the company’s monthly report and podcast reflecting on the current state of application security and the wider...
FireEye has released details of zero-day vulnerabilities in SonicWall’s Email Security software which allowed attackers to obtain access to corporate networks and install backdoors on victim devices. In...
