Norwegian software firm Ibexa is urging users to apply a new patch immediately to resolve a sensitive data leak vulnerability impacting its Digital Experience Platform (DXP)....
Security researchers have discovered a serious vulnerability in HyperSQL DataBase (HSQLDB) that poses a remote code execution (RCE) risk. HSQLDB offers a Java-based SQL relational database...
Windows servers running Microsoft Office Online Server can be exploited to achieve server-side request forgery (SSRF) and thereafter remote code execution (RCE) on the host, according...
Security certification body (ISC)² is being accused of promoting a series of ‘undemocratic’ changes to its bylaws. (ISC)² – the International Information System Security Certification Consortium...
Researchers warn that there has been a 633% year-over-year increase in cyber-attacks launched against open source software repositories. Open source components, frameworks, libraries, and whole platforms are relied...
A super-critical vulnerability in Adobe Magento could allow attackers to fully compromise e-commerce platforms, according to the security researcher who unearthed the bug. Adobe has urged...
Hidden DNS (domain name system) resolvers create a means for carrying out email redirection and account takeover attacks, security researchers warn. In a technical blog post,...
So-called ‘cloud native’ IT architectures are creating new threats for organizations, just as they look to update their technology infrastructure, security researchers have warned. Over half...
In this Help Net Security video, Igal Lytzki, Incident Response Analyst at Perception Point, discusses a recent Remcos RAT malware campaign and more broadly, the threat...
An insecure direct object reference (IDOR) vulnerability in the Squiz Matrix web content management system (CMS) could have enabled attackers to seize admin rights on targeted installations....