Connect with us
Fortinet is urging customers to patch a critical authentication bypass vulnerability that has already been exploited in the wild. Earlier this month, the networking vendor patched the bug, CVE-2022-40684,...
Windows servers running Microsoft Office Online Server can be exploited to achieve server-side request forgery (SSRF) and thereafter remote code execution (RCE) on the host, according...
A super-critical vulnerability in Adobe Magento could allow attackers to fully compromise e-commerce platforms, according to the security researcher who unearthed the bug. Adobe has urged...
Hidden DNS (domain name system) resolvers create a means for carrying out email redirection and account takeover attacks, security researchers warn. In a technical blog post,...
A bug in vm2, a popular JavaScript sandbox environment, could allow malicious actors to bypass sandbox protections and stage remote code execution (RCE) on the host device. Vm2,...
Researchers are trialing methods to scale up the ability to roll out security fixes for vulnerable components across the open source ecosphere. Tools such as CodeQL (GitHub’s code query language)...
A recently resolved vulnerability in Sophos Firewall has been abused by attackers in targeted attacks, the vendor warns. The critical vulnerability (CVE-2022-3236) poses a remote code execution (RCE) risk. Sophos...
Uber is investigating claims its systems have been compromised by an attacker. The attacker offered evidence that they had successfully breached many of the ride-sharing app firm’s internal...
Security researchers from IHTeam have uncovered a serious vulnerability in a plugin to the pfSense firewall technology. The affected pfBlockerNG plugin is not installed by default...
UPDATED WordPress websites running BackupBuddy have been urged to update the plugin amid reports of active exploitation of a high severity arbitrary file download/read vulnerability. BackupBuddy, which is...
Recent Comments