Experts found an RCE vulnerability in QNAP Q’center
Researchers at cybersecurity firm Shielder discovered a remote code execution on QNAP Q’center through a manipulated QPKG installation package. Researchers...
Cybercriminals in Russian underground forums have been invited to take part in competitions for hacking cryptocurrency and NFT. Several Russian...
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic...
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request...
Summary: An Out of Bounds flaw was found in fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an...
Summary: Discord Recon Server is a bot that allows one to do one's reconnaissance process from one's Discord. A vulnerability...
Summary: In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times...
Last week on Malwarebytes Labs, we looked at an interesting trend in facial recognition technology—hint: it’s a slow fade, the...
By posing as a friend and asking for SMS security codes, scammers are continuing to target WhatsApp users and hijack...
Since worldwide lockdowns and restrictions on workplaces, schools and universities were imposed, people have been facing several problems. However, it...
A cybercriminal gang known as TeamTNT has been ramping up its cloud-focused cryptojacking operations for some time now. TeamTNT operations...
Two local television news stations have been shut down since Thursday; experts say it is because of a ransomware attack on...
In recent days the demand for oximeters has gone up owing to the deadly second wave of Covid-19 in India....
Note: Vsphere UI is Tomcat middleware by default, so arbitrary code can be executed in the manner of Tomcat RMI...
Krane is a simple Kubernetes RBAC static analysis tool. It identifies potential security risks in K8s RBAC design and makes...
This tool gives blue teams, SOCs, researchers and companies the ability to detect the active mutations of their domains, thus...
Check Point Research (CPR) said that the Chinese APT group SharpPanda spent three years developing a new backdoor to spy...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
The REvil ransomware operators said in an interview on the “Russian OSINT” Telegram channel that they accidentally targeted United States-based...
The US Department of Justice (DOJ) announced the arrest of a Latvian woman for her alleged role in the development...
Summary: HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory...
Summary: In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY"...
Summary: Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially leading to a denial of service. The attacker...