Connect with us
While investigating a misconfiguration flaw in Apache Airflow, researchers discovered many exposed instances over the web leaking sensitive information, including credentials, from well-known tech companies. Apache Airflow is a...
First appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised...
In a major blunder, cryptocurrency platform Compound accidentally paid out $90 million among its users. Shortly after the mistake, the platform’s founder began asking users to...
This is the second pair of zero days that Google’s fixed this month, all four of which have been actively exploited in the wild. Google has...
More than 1,000 popular websites and 18 widely used JavaScript libraries are vulnerable to prototype pollution, an obscure attack technique that targets the structure of JavaScript objects,...
Organizations are urged to be more proactive when it comes to protecting against vulnerabilities, after a report found that malicious attackers routinely exploit unpatched systems. The 2021 Trustwave...
Recently, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability — CVE-2021-22005 — in the Analytics service. A malicious cyber actor...
Multiple security vulnerabilities in open source status page system Cachet could allow an attacker to execute arbitrary code and steal sensitive data, researchers have warned. Cachet is a...
OWASP celebrated its 20th anniversary last week with a 24-hour webinar that saw the organization officially launch the top 10 web security vulnerabilities for 2021. The online...
Attackers are actively exploiting a critical vulnerability in VMware vCenter Server that exposes vulnerable enterprise networks to the risk of infiltration. The arbitrary file upload flaw (CVE-2021-22005) –...
Recent Comments