The most popular open source repositories are rife with misconfigurations that leave countless downstream applications at risk from dependency confusion attacks, security researchers have discovered. Of the 1,000 organizations whose...
An attack chain of bugs leading to remote code execution (RCE) on QNAP NAS devices has been resolved in QNAP’s MusicStation and Malware Remover software. QNAP’s Music Station...
Two newly patched bugs in Rocket.Chat made it possible for attackers to mount a series of attacks that ultimately led to remote code execution (RCE) on host servers....
Novel credit card skimming malware that easily evades client-side detection has been deployed against e-commerce sites running unsupported versions of Magento, security researchers have found. The campaign has...
While it’s true that threat hunting, incident response, and threat research all have their foundations in science (operating system theory and architecture, computer language and compilation, protocols,...
An organization involved in COVID-19 research lost a week’s worth of critical data after a Ryuk attack which used a stolen password, according to Sophos. Cybersecurity vendor...
Engineers at Google, Mozilla, and security firm Cure53 have come together to develop an application programming interface (API) that provides a systematic solution to HTML sanitization....
Security researchers are warning that a software supply chain vulnerability impacting PHP could put millions of websites at risk. The flaw, discovered by security researchers at SonarSource, affects...
Security researchers have gone public with troubling privacy issues in Google’s support for contact-tracing apps that they claim can expose users’ information. AppCensus, a privacy analysis company, discovered...
An XML External Entity (XXE) injection bug in WordPress could allow attackers to remotely steal a victim’s files, researchers have revealed. Security researchers at SonarSource who discovered the...