Miscreants are exploiting a newly discovered vulnerability in the Nagios XI network monitoring software to run crypto-mining malware. The CVE-2021-25296 remote command injection vulnerability is being abused to deploy the XMRig...
Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against...
QNAP Systems has patched a pair of critical security vulnerabilities that could allow unauthenticated attackers to take control of its network-attached storage (NAS) devices. The flaws,...
Developers have fixed a serious web security flaw in a debug toolbar for the popular Django framework. The CVE-2021-30459 vulnerability in the open source Django Debug Toolbar arises...
Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable devices.
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where...
Developers of Cockpit CMS, an open source content management system, have patched two security vulnerabilities following a disclosure by researchers at PT Swarm. The vulnerabilities could allow a...
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR...
UPDATED Swiss Post has partnered with YesWeHack to launch a new public bug bounty program, the national postal service has announced. In a statement released last night (April...
A new GitHub repository has been created to document and track the times when vulnerability disclosure has gone sour. The Research Threats project details historical legal battles between researchers and...