Connect with us
A zero-day vulnerability in uClibc and uClibc-ng, a popular C standard library, could enable a malicious actor to launch DNS poisoning attacks on vulnerable IoT devices. The bug,...
The State Bar of Georgia in the US has suspended the normal operation of its website following “unauthorized access to its network”. The authorized access by as-yet...
A vulnerability in the domain name system (DNS) component of a popular C standard library that is present in a wide range of IoT products may put millions of...
Phishers are exploiting a flaw in Google’s SMTP relay service to send malicious emails spoofing popular brands. Avanan researcher Jeremy Fuchs says that starting in April...
Armis researchers have discovered five critical vulnerabilities in the implementation of TLS communications in multiple models of network switches. Collectively dubbed TLStorm 2.0, the vulnerabilities stem...
The Open Web Application Security Project (OWASP) has fixed a vulnerability in its Enterprise Security API (ESAPI) that, if left unresolved, might have been abused to run path traversal attacks. The issue,...
Open source software developers’ reputations could be abused to spread malicious NPM packages without their knowledge or consent, security researchers have revealed. On April 26, the...
A security vulnerability in a mobile device management software could allow attackers access to organizations’ internal and cloud networks, researchers warn. Discovered by Assetnote, the server-side...
Google has announced that all security researchers who report Android 13 Beta vulnerabilities through its Vulnerability Rewards Program (VRP) will get a 50% bonus on top...
Users of Synology and QNAP network-attached storage (NAS) devices are advised to be on the lookout for patches for several critical vulnerabilities affecting Netatalk, an open-source implemention...
Recent Comments