Vulnerabilities Archives

SECURITYWEEK NETWORK:

Security Experts:

Hi, what are you looking for?

Cloud Security

Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data

An Azure Active Directory (AAD) misconfiguration leading to Bing.com compromise earned Wiz researchers a $40,000 bug bounty reward.

Ionut Arghire57 mins ago

Vulnerabilities

OpenAI Patches Account Takeover Vulnerabilities in ChatGPT

OpenAI resolved severe ChatGPT vulnerabilities that could have been exploited to take over accounts.

Ionut Arghire21 hours ago

Application Security

OpenSSL 1.1.1 Nears End of Life: Security Updates Only Until September 2023

OpenSSL 1.1.1 will reach EoL in six months and users are instructed to either upgrade to a newer version or pay for extended support...

Eduard Kovacs22 hours ago

iOS and Android zero-day exploits used for spyware

Cyberwarfare

Google Links More iOS, Android Zero-Day Exploits to Spyware Vendors

Google has linked several zero-day vulnerabilities used last year to target Android and iOS devices to commercial spyware vendors.

Eduard Kovacs1 day ago

Threat Intelligence

Most Weaponized Vulnerabilities of 2022 and 5 Key Risks: Report

A new research report discusses the five most exploited vulnerabilities of 2022, and the five key risks that security teams should consider.

Kevin Townsend1 day ago

Data Breaches

ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Eduard Kovacs2 days ago

Vulnerabilities

iOS Security Update Patches Exploited Vulnerability in Older iPhones

Apple has released security updates for older iPhones to address a vulnerability exploited in attacks.

Ionut Arghire2 days ago

Nation-State

Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April

Microsoft says it has evidence that Russian APT actors were exploiting a nasty Outlook zero-day as far back as April 2022, upping the stakes...

Ryan Naraine3 days ago

Vulnerabilities

Hackers Earn Over $1 Million at Pwn2Own Exploit Contest

Security researchers raked in more than $1 million in prizes at this year's CanSecWest Pwn2Own software exploitation contest.

Ionut Arghire3 days ago

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Ionut Arghire3 days ago

IoT Security

Tesla Hacked Twice at Pwn2Own Exploit Contest

Researchers at offensive hacking shop Synacktiv demonstrated successful exploit chains and were able to “fully compromise” Tesla’s newest electric car and take top billing...

Ryan Naraine6 days ago

Vulnerabilities

Critical WooCommerce Payments Vulnerability Leads to Site Takeover

A critical-severity flaw in the WooCommerce Payments WordPress plugin could allow attackers to take over site administrator accounts.

Ionut Arghire6 days ago

Page 1 of 56612 3 4 5 Next ›Last »

SECURITYWEEK NETWORK:

Security Experts:

Cloud Security

Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data

Vulnerabilities

OpenAI Patches Account Takeover Vulnerabilities in ChatGPT

Application Security

OpenSSL 1.1.1 Nears End of Life: Security Updates Only Until September 2023

Cyberwarfare

Google Links More iOS, Android Zero-Day Exploits to Spyware Vendors

Threat Intelligence

Most Weaponized Vulnerabilities of 2022 and 5 Key Risks: Report

Data Breaches

ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation

Vulnerabilities

iOS Security Update Patches Exploited Vulnerability in Older iPhones

Nation-State

Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April

Vulnerabilities

Hackers Earn Over $1 Million at Pwn2Own Exploit Contest

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

IoT Security

Tesla Hacked Twice at Pwn2Own Exploit Contest

Vulnerabilities

Critical WooCommerce Payments Vulnerability Leads to Site Takeover

Featured

Malware & Threats

3CX Confirms Supply Chain Attack as Researchers Uncover Mac Component

Risk Management

Musk, Scientists Call for Halt to AI Race Sparked by ChatGPT

Incident Response

Microsoft Puts ChatGPT to Work on Automating Cybersecurity

Nation-State

Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April

Application Security

GitHub Suspends Repository Containing Leaked Twitter Source Code

IoT Security

Tesla Hacked Twice at Pwn2Own Exploit Contest

Endpoint Security

Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform

Latest News

Malware & Threats

Chinese Cyberspies Use ‘Melofee’ Linux Malware for Stealthy Attacks

Endpoint Security

Why Endpoint Resilience Matters

Government

UK Introduces Mass Surveillance With Online Safety Bill

Risk Management

Musk, Scientists Call for Halt to AI Race Sparked by ChatGPT

Supply Chain Security

Malware Hunters Spot Supply Chain Attack Hitting 3CX Desktop App

Funding/M&A

LeapXpert Banks $22M Funding to Secure Corporate Messaging With Consumer Apps

Cybersecurity Funding

Blockchain Security Firm True I/O Raises $9 Million