Connect with us
A developer has released a new tool for Go applications that is designed to combat web-based attacks. Developer and security engineer Dwi Siswanto revealed the open source teler-waf...
A pre-authentication remote code execution (RCE) exploit has landed for popular web hosting platform Control Web Panel (CWP). The corresponding vulnerability in CWP 7 was patched and then...
Tesla is one of several organizations to remedy cross-origin resource sharing (CORS) misconfigurations after security researchers proved they could exfiltrate data from the carmaker’s internal network. That’s according...
The web applications and APIs of major car manufacturers, telematics (vehicle tracking and logging technology) vendors, and fleet operators were riddled with security holes, security researchers warn. In...
Taiwan-based NAS maker Synology has addressed a maximum (10/10) severity vulnerability affecting routers configured to run as VPN servers. The vulnerability, tracked as CVE-2022-43931, was discovered...
U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information. Wabtec is a U.S.-based public company producing state-of-the-art...
More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security...
Password reuse continues to be a threat to companies everywhere—a recent report found that 64% of people continue to use passwords that have been exposed in a breach....
GreyNoise Intelligence unveiled its research report that dives deep into the most significant threat detection events of the past 12 months. “When it comes to cybersecurity,...
The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim’s site to publish...
