attackers
-
A critical security vulnerability has been recently disclosed by SolarWinds in its Platform product, a major player in IT management software.
-
A high-severity type confusion vulnerability in the V8 JavaScript engine of Google Chrome was recently discovered by independent researchers.
-
A critical vulnerability has been identified in the Mobile Security Framework (MobSF) that allows attackers to inject malicious scripts into the system.
-
A critical security flaw has been discovered in Mobile Security Framework (MobSF), a popular pen-testing and malware analysis tool, potentially exposing users to significant risks.
-
Veeam, a leading provider of backup and disaster recovery solutions, has disclosed two significant vulnerabilities affecting its Service Provider Console (VSPC), including a critical remote code execution (RCE) flaw.
-
A recent penetration test conducted on Salesforce Communities revealed critical vulnerabilities that could allow attackers to take over user accounts.
-
A significant vulnerability has been identified in TP-Link’s HomeShield function, affecting a range of their devices, including the Archer, Deco, and Tapo series routers. This vulnerability, labeled CVE-2024-53375, allows attackers to exploit a flaw in the device firmware, leading to the potential injection of malicious commands by unauthorized users. This article explores the details of…
-
A critical zero-day vulnerability has been discovered in TP-Link Archer, Deco, and Tapo series routers, potentially allowing attackers to inject malicious commands and fully compromise affected devices.
-
Popular FTP server ProFTPD has been found to contain a critical security flaw that could allow attackers to gain root access to vulnerable systems. The vulnerability, tracked as CVE-2024-48651 (CVSS 7.5), exists in the mod_sql component of ProFTPD versions 1.3.8b and earlier.
-
IBM disclosed multiple critical vulnerabilities affecting its Security Verify Access Appliance, potentially exposing users to severe security risks.
-
Several vulnerabilities affecting MediaTek processors have been identified, potentially allowing attackers to escalate privileges on affected devices.
-
A critical security vulnerability in Windows Server 2012 and Server 2012 R2 has been uncovered, allowing attackers to bypass essential security checks enforced by the Mark of the Web (MotW) feature.
-
A significant development for the tech community is the identification of 2 critical vulnerabilities in several versions of a widely-used GPU Driver Development Kit (DDK) that affect systems using Unified Memory Architecture (UMA).
-
In a recent study, cybersecurity researchers have unveiled a new side-channel attack that threatens the privacy of users interacting with large language models (LLMs).
-
A critical vulnerability in Microsoft’s Active Directory Certificate Services (AD CS) that could allow attackers to escalate privileges and potentially gain domain admin access.
-
A critical security flaw has been discovered in Zabbix, the popular open-source monitoring solution, potentially allowing attackers to gain full control over affected instances.
-
Hewlett Packard Enterprise (HPE) has disclosed multiple high-severity vulnerabilities in its Insight Remote Support (IRS) software, potentially allowing attackers to execute remote code, perform directory traversal, and access sensitive information.