Security researchers have discovered a serious vulnerability in HyperSQL DataBase (HSQLDB) that poses a remote code execution (RCE) risk. HSQLDB offers a Java-based SQL relational database...
Windows servers running Microsoft Office Online Server can be exploited to achieve server-side request forgery (SSRF) and thereafter remote code execution (RCE) on the host, according...
A super-critical vulnerability in Adobe Magento could allow attackers to fully compromise e-commerce platforms, according to the security researcher who unearthed the bug. Adobe has urged...
Hidden DNS (domain name system) resolvers create a means for carrying out email redirection and account takeover attacks, security researchers warn. In a technical blog post,...
Scroll to Text Fragment (STTF), a feature that can be used to directly browse to a specific text fragment on a webpage, can be exploited to...
Some attacks on smartphones require physical access to the device and interactions with the touchscreen. So your phone is more or less safe as long as...
A new way of carrying out phishing attacks is being adopted by criminal groups – and it could make threat actors virtually undetectable, security researchers warn....
Chinese state-sponsored attackers are placing a heavy reliance on known but commonly unpatched vulnerabilities to “establish a broad network of compromised infrastructure”, a US federal security agency...
A security researcher found a fresh way to exploit a recently patched deserialization bug in Microsoft SharePoint and stage remote code execution (RCE) attacks. The flaw, a variant...
The REvil ransomware has a vulnerability that can be exploited to deactivate the malware before it encrypts files on an infected computer, a security researcher has...
Recent Comments