VMware addressed a high severity vulnerability in vRealize Operations that could allow stealing admin credentials from vulnerable servers. VMware has published...
Summary: A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829...
Summary: An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a...
Summary: In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated....
Summary: Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug...
Summary: Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length...
The education sector’s cybersecurity problem has compounded in the last few months. A recent warning from the FBI, in mid-March,...
You’ve probably heard that PHP’s Git repository was recently compromised, allowing backdoors to be added to the code located there....
The server of Maharashtra Industrial Development Corporation was hacked as of late. The ransomware 'SYNack' affected the applications and database...
Security researchers have unearthed a critical networking flaw CVE-2021-28918 in a popular npm library netmask. Netmask is commonly utilized by...
A cyber-attack on Australia's Channel Nine TV network has interrupted live broadcasts, raising questions about the country's exposure to hackers....
In the most recent software supply chain assault, the official PHP Git repository was hacked and the code base altered....
Why is the campaign called A41APT? In 2019, we observed an APT campaign targeting multiple industries, including the Japanese manufacturing...
ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This...
Use Android as Rubber Ducky against another Android device HID attack using AndroidUsing Android as Rubber Ducky against Android. This...
This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights,...
Researchers discovered a reflected XSS vulnerability in the Ivory Search WordPress Plugin installed on over 60,000 sites. On March 28,...
Linux kernel recently fixed a couple of vulnerabilities that could allow an attacker to bypass mitigations designed to protect devices...
A vulnerability in the netmask npm package, tracked as CVE-2021-28918, could be exploited by attackers to conduct a variety of...
Experts discovered that 30 malicious Docker images with a total number of 20 million pulls were involved in cryptomining operations. Palo...
Harris Federation, the multi-academy trust of 50 primary and secondary academies in and around London, was hit by a ransomware...
China-linked APT group RedEcho has taken down its attack infrastructure after it was exposed at the end of February by...
Summary: Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read...
Summary: Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963....
