Cloud Security Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018 The vulnerability, tagged as CVE-2024-41110 with a CVSS severity score of 10/10, was originally found and fixed in 2018. Ryan NaraineJuly 24, 2024
Vulnerabilities Organizations Warned of Exploited Twilio Authy Vulnerability CISA warns of the in-the-wild exploitation of CVE-2024-39891, a Twilio Authy bug leading to the disclosure of phone number data. Ionut ArghireJuly 24, 2024
ICS/OT Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply. Eduard KovacsJuly 24, 2024
Vulnerabilities Chrome 127 Patches 24 Vulnerabilities Chrome 127 was promoted to the stable channel with patches for 24 vulnerabilities, including 16 reported externally. Ionut ArghireJuly 24, 2024
Vulnerabilities Recent Splunk Enterprise Vulnerability Easy to Exploit: Security Firm SonicWall warns that a simple GET request is enough to exploit a recent Splunk Enterprise vulnerability. Ionut ArghireJuly 19, 2024
Vulnerabilities SolarWinds Patches Critical Vulnerabilities in Access Rights Manager SolarWinds has released patches for 13 vulnerabilities in Access Rights Manager, including eight critical bugs. Ionut ArghireJuly 19, 2024
Vulnerabilities $300,000 Offered for WhatsApp Exploit at Pwn2Own Ireland The Pwn2Own hacking competition is moving to Ireland and $300,000 is being offered for a zero-click exploit against WhatsApp. Eduard KovacsJuly 19, 2024
Vulnerabilities Recent Adobe Commerce Vulnerability Exploited in Wild Adobe and CISA warn that a recent Adobe Commerce vulnerability has been exploited in the wild. Ionut ArghireJuly 18, 2024
Vulnerabilities Ivanti Issues Hotfix for High-Severity Endpoint Manager Vulnerability Ivanti has released a hotfix to address an SQL injection vulnerability in Endpoint Manager (EPM) 2024 flat. Ionut ArghireJuly 18, 2024
Vulnerabilities Cisco Patches Critical Vulnerabilities in Secure Email Gateway, SSM Cisco has released patches for critical vulnerabilities in Secure Email Gateway and Smart Software Manager On-Prem. Ionut ArghireJuly 18, 2024
Incident Response Atlassian Patches High-Severity Vulnerabilities in Bamboo, Confluence, Jira Atlassian releases security-themed updates to fix several high-severity vulnerabilities in its Bamboo, Confluence and Jira products. Ionut ArghireJuly 17, 2024
Vulnerabilities Apache HugeGraph Vulnerability Exploited in Wild A recently patched Apache HugeGraph-Server vulnerability tracked as CVE-2024-27348 is being targeted in attacks. Eduard KovacsJuly 17, 2024