Connect with us
Microsoft security researchers have discovered over two dozen critical remote code execution (RCE) vulnerabilities in Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. These...
Embedthis has patched a null byte injection vulnerability in GoAhead, the embedded web server deployed in hundreds of millions of devices. “A specially crafted URL with a %00 character embedded...
An XML External Entity (XXE) injection bug in WordPress could allow attackers to remotely steal a victim’s files, researchers have revealed. Security researchers at SonarSource who discovered the...
As machine learning (ML) systems become a staple of everyday life, the security threats they entail will spill over into all kinds of applications we use,...
The exploitation of ProxyLogon vulnerabilities in Microsoft Exchange servers has exploded to an extent that threat actors are modifying their attacks to distribute a variety of...
Between October 2020 and February 2021, Unit 42 researchers periodically scanned and analyzed unsecured Kubernetes (also known as k8s) clusters on the internet. Kubernetes clusters can...
A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero (XMRig) miner and self-spreader malware payloads. First spotted...
Computer scientists who submitted supposed security patches that actually added security vulnerabilities to the Linux kernel have been placed under investigation by their university. Qiushi Wu and Kangjie...
Open Bug Bounty has around 1,300 active bug bounty programs and 22,000 registered security researchers, and is approaching one million coordinated disclosures, resulting in around half a...
Games publisher Valve has belatedly resolved a critical security flaw in its popular Steam platform that it was first notified of two years ago. However, a...
