The Department of Homeland Security (DHS) has announced that the ‘Hack DHS’ program is now also open to bug bounty hunters willing to track down DHS...
NVIDIA has released a security advisory detailing what products are affected by the Log4Shell vulnerability that is currently exploited in a wide range of attacks worldwide....
It’s not over ‘till it’s over. And it’s not over. When the log4j vulnerability was first announced, there was a mad scramble. Millions of servers worldwide...
More than 35,000 Java packages, amounting to over 8% of the Maven Central repository (the most significant Java package repository), have been impacted by the recently disclosed log4j...
A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful. It doesn’t rain, but it pours....
All set for the weekend? Not so fast. Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga started...
Threat Actors Have Switched from LDAP Callback URLs to RMI in Order to Increase Their Chances of Success. These past few days have been about the...
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines. The gang did...
Recent Comments