Connect with us
Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild. The security flaw (CVE-2022-40684) is an...
A zero-day remote code execution (RCE) vulnerability in Zimbra is being actively exploited in the wild. The bug was assigned the tracker CVE-2022-41352 in late September....
So-called ‘cloud native’ IT architectures are creating new threats for organizations, just as they look to update their technology infrastructure, security researchers have warned. Over half...
Matrix has patched five serious vulnerabilities in its end-to-end encryption that break the confidentiality and authentication of messages. The flaws would allow a malicious server to read user...
Two Italian security researchers have netted more than $46,000 in bounties for the discovery of an Akamai misconfiguration, despite receiving nothing from Akamai itself. Akamai is...
Four vulnerabilities in the widely adopted ‘Stacked VLAN’ Ethernet feature allows attackers to perform denial-of-service (DoS) or man-in-the-middle (MitM) attacks against network targets using custom-crafted packets....
Researchers are trialing methods to scale up the ability to roll out security fixes for vulnerable components across the open source ecosphere. Tools such as CodeQL (GitHub’s code query language)...
A newly-discovered vulnerability in Apache Pulsar allows a remote attacker to carry out a manipulator-in-the-middle (MitM) attack due to improper certificate validation. Apache Pulsar is a...
A now-patched version of Rancher, an open source Kubernetes management tool, stored secrets in plaintext, a security researcher has discovered. The issue affected various Kubernetes objects and could...
Sophos has patched an actively exploited remote code execution vulnerability (CVE-2022-3236) in its Firewall solutions, and has pushed the fix to customers who have automatic installation...
Recent Comments