A vulnerability in Node.js that could allow a remote actor to perform domain hijacking attacks has been fixed. The maintainers of the JavaScript runtime environment have released a security...
A few months ago, when the ProxyLogon vulnerabilities were disclosed in Microsoft Exchange Servers, a large number of attackers had started using it for launching thousands of attack...
Security researchers have achieved remote code execution (RCE) on web hosting platform cPanel & WHM after bypassing CSRF protections and escalating privileges via a stored cross-site scripting (XSS)...
The Armis security firm has discovered nine severe vulnerabilities in the Pneumatic Tubing System (PTS). This system is used in more than 3,000 hospitals in the...
The commonly used “net” library in Go and Rust languages is also impacted by the mixed-format IP address validation vulnerability. The bug has to do with how net treats IP addresses as...
In a Thursday security advisory update, Cisco revealed that a remote code execution (RCE) vulnerability in the Adaptive Security Device Manager (ADSM) Launcher disclosed last month...
The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process. A freshly discovered variant of the Golang...
Vulnerabilities in Signal, Facebook Messenger, Google Duo, and more all point to a pervasive privacy issue. IN EARLY 2019, a bug in group FaceTime calls would have...
Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. The...
The commonly used “net” library in Go and Rust languages is also impacted by the mixed-format IP address validation vulnerability. The bug has to do with how net treats IP addresses as...
Recent Comments