A path traversal vulnerability in RarLab’s UnRAR binary can lead to remote code execution (RCE) on business email platform Zimbra and can potentially affect other software. The UnRAR...
Security researchers have uncovered multiple unprotected properties to bypass Trusted Types, a widely used web security mechanism, in some scenarios. Trusted Types is an important technology that...
https://player.vimeo.com/video/724383738?h=340a6c4c83&badge=0&autopause=0&player_id=0&app_id=58479&dnt=1 In this video for Help Net Security, Andy Thompson, Global Research Evangelist at CyberArk, talks about Wi-Fi security. He walks you through various protocols we see...
https://player.vimeo.com/video/724364681?h=4df3395b6d&badge=0&autopause=0&player_id=0&app_id=58479&dnt=1 Sonatype researchers have discovered Python packages that contain malicious code that peek into and expose secret AWS credentials, network interface information, and environment variables. All...
What is the price for personal information, including credit cards and bank accounts, on the dark web? Privacy Affairs researchers concluded criminals using the dark web need...
Security researchers have uncovered 56 flaws affecting devices from 10 OT (operational technology) vendors in what’s billed as the single largest vulnerability disclosure to affect the computing components...
Vulnerabilities in the web interface of Jacuzzi’s SmartTub app could have enabled an attacker to view and potentially manipulate the personal data of hot tub owners, a...
Scroll to Text Fragment (STTF), a feature that can be used to directly browse to a specific text fragment on a webpage, can be exploited to...
Security researchers have apparently discovered more than 1.6 million secrets leaked by websites, including more than 395,000 exposed by the one million most popular domains. Modern web applications...
A cross-site request forgery (CSRF) vulnerability in Reddit forced users to view adult content. The medium severity security bug disabled the option to turn on certain settings, meaning...
Recent Comments