Connect with us
Developers of the Symfony PHP framework have reversed a recent change that inadvertently turned off protection against cross-site request forgery (CSRF) attacks. Symfony is a popular PHP framework for web...
Cloudflare has launched a public bug bounty program to succeed the invite-only program in place since 2018. Critical bugs will command payouts of $3,000, high severity flaws can...
An uninitialized memory leak vulnerability in the H2O HTTP server project has been patched. In a technical write-up published on January 31, independent security researcher Emil Lerner said...
Researchers from firmware protection company Binarly have discovered critical vulnerabilities in the UEFI firmware from InsydeH2O used by multiple computer vendors such as Fujitsu, Intel, AMD, Lenovo,...
In this interview with Help Net Security, Malcolm Harkins, Chief Security & Trust Officer, Epiphany Systems, talks about the challenges security leaders must face when communicating with their company’s...
Developers have fixed a critical vulnerability in Essential Addons for Elementor, a popular WordPress plugin with more than one million active installations. The security flaw, discovered by Wai...
Microsoft says threat and vulnerability management support for Android and iOS has reached general availability in Microsoft Defender for Endpoint, the company’s enterprise endpoint security platform....
A newly discovered critical vulnerability in Samba could allow remote attackers to execute arbitrary code as root on affected installations. All versions of Samba prior to version 4.13.17...
A security researcher has publicly disclosed an exploit for a Windows local privilege elevation vulnerability that allows anyone to gain admin privileges in Windows 10. Using...
Xerox has addressed a vulnerability in its firmware that created a means for unauthenticated users to “remotely brick” some models of its network printers. The vulnerability (CVE-2022-23968) predominantly...
