Connect with us
Security researchers have uncovered a stored cross-site scripting (XSS) vulnerability in Microweber, an open source website builder and content management system (CMS). The security issue, discovered by researchers...
Sophos has resolved a severe vulnerability in the software running on its all-in-one Universal Threat Management (UTM) appliances. A post-authentication SQL injection vulnerability in the Mail Manager component of the...
A maintainer who sabotaged a popular NPM package in protest at Russia’s invasion of Ukraine has been criticised for undermining trust in the open source ecosystem. ‘RIAEvangelist’...
Western Digital’s EdgeRover desktop app for both Windows and Mac are vulnerable to local privilege escalation and sandboxing escape bugs that could allow the disclosure of sensitive...
A popular software library for rendering PDFs from HTML documents suffers from an unpatched vulnerability that poses a remote code execution (RCE) risk, security researchers claim. Flaws in...
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks....
OpenSSL has released a security update to address a vulnerability in the library that, if exploited, activates an infinite loop function and leads to denial of...
In this interview with Help Net Security, Stephen Carter, CEO at Nucleus Security, explains the importance of having a vulnerability management strategy within an organization, what are the biggest...
A year-on-year surge has been observed in the number of security vulnerabilities found in the WordPress ecosystem. The number of flaws reported in plugins and themes for WordPress...
Users of Parse Server, a popular API server module for Node/Express, are being urged to immediately apply a fix for a remote code execution (RCE) vulnerability. Discovered by security researchers...
