Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Vulnerabilities

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks

CISA has added CVE-2018-14667, an old critical JBoss RichFaces flaw to its known exploited vulnerabilities catalog.

Eduard Kovacs2 days ago

Vulnerabilities

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks

Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations.

Ionut Arghire2 days ago

Vulnerabilities

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Gaps in Cloudflare’s security controls allow users to bypass protections and target others from the platform itself.

Ionut Arghire2 days ago

Cybercrime

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product

Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the...

Ryan Naraine3 days ago

Vulnerabilities

Cisco Warns of IOS Software Zero-Day Exploitation Attempts

Cisco has released patches for vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks.

Ionut Arghire3 days ago

Vulnerabilities

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor.

Eduard Kovacs3 days ago

Vulnerabilities

Firefox 118 Patches High-Severity Vulnerabilities

Firefox 118 patches six high-severity vulnerabilities, including a memory leak potentially leading to sandbox escape.

Ionut Arghire4 days ago

Vulnerabilities

macOS 14 Sonoma Patches 60 Vulnerabilities

macOS 14 Sonoma has been officially released by Apple and the latest version of the operating system patches over 60 vulnerabilities.

Eduard Kovacs4 days ago

Vulnerabilities

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers.

Ionut Arghire6 days ago

Vulnerabilities

BIND Updates Patch Two High-Severity DoS Vulnerabilities

The latest BIND security updates include patches for two high-severity DoS vulnerabilities that can be exploited remotely.

Ionut ArghireSeptember 22, 2023

Risk Management

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace.

Ionut ArghireSeptember 22, 2023

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones.

Eduard KovacsSeptember 22, 2023

Page 1 of 58912 3 4 5 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Vulnerabilities

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks

Vulnerabilities

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks

Vulnerabilities

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Cybercrime

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product

Vulnerabilities

Cisco Warns of IOS Software Zero-Day Exploitation Attempts

Vulnerabilities

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Vulnerabilities

Firefox 118 Patches High-Severity Vulnerabilities

Vulnerabilities

macOS 14 Sonoma Patches 60 Vulnerabilities

Vulnerabilities

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

Vulnerabilities

BIND Updates Patch Two High-Severity DoS Vulnerabilities

Risk Management

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Featured

Artificial Intelligence

National Security Agency is Starting an Artificial Intelligence Security Center

Ransomware

Johnson Controls Hit by Ransomware

Nation-State

US State Department Says 60,000 Emails Taken in Alleged Chinese Hack

Endpoint Security

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data

CISO Strategy

The CISO Carousel and Its Effect on Enterprise Cybersecurity

Mobile & Wireless

Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Latest News

Funding/M&A

Bankrupt IronNet Shuts Down Operations

Cloud Security

AWS Using MadPot Decoy System to Disrupt APTs, Botnets

Artificial Intelligence

Generative AI Startup Nexusflow Raises $10.6 Million

Cybercrime

In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea

Data Protection

Researchers Extract Sounds From Still Images on Smartphone Cameras

Government

A Key US Government Surveillance Tool Should Face New Limits, a Divided Privacy Oversight Board Says

ICS/OT

NIST Publishes Final Version of 800-82r3 OT Security Guide