Vulnerabilities Court Data Exposed by Vulnerabilities in Software Used by US Government: Researcher Several e-filing and record management systems used in various US states were affected by serious vulnerabilities exposing sensitive data. Eduard Kovacs7 days ago
Vulnerabilities Adobe Commerce Flaw Exploited to Compromise Thousands of Sites Over 4,000 Adobe Commerce and Magento stores unpatched against an exploited vulnerability have been compromised. Ionut Arghire7 days ago
Vulnerabilities Chrome, Firefox Updates Patch High-Severity Vulnerabilities The latest Chrome and Firefox security updates address multiple high-severity vulnerabilities affecting the popular web browsers. Ionut Arghire7 days ago
Vulnerabilities After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks Over 58,000 internet-exposed CUPS hosts can be abused for significant DDoS attacks, according to Akamai. Eduard KovacsOctober 2, 2024
Email Security Critical Zimbra Vulnerability Exploited One Day After PoC Release A critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers. Ionut ArghireOctober 2, 2024
Vulnerabilities Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities CISA warns that years-old vulnerabilities in SAP Commerce, Gpac framework, and D-Link DIR-820 routers are exploited in the wild. Ionut ArghireOctober 1, 2024
Vulnerabilities Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected A researcher has disclosed the details of an unpatched vulnerability that was expected to pose a serious threat to many Linux systems. Eduard KovacsSeptember 27, 2024
Artificial Intelligence Critical Nvidia Security Flaw Exposes Cloud AI Systems to Host Takeover Nvidia confirms risk of code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVSS 9/10. Ryan NaraineSeptember 26, 2024
Vulnerabilities Cisco Patches High-Severity Vulnerabilities in IOS Software Cisco has released patches for seven high-severity vulnerabilities affecting products running IOS and IOS XE software. Ionut ArghireSeptember 26, 2024
Vulnerabilities Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes ZDI offers over $1 million in cash and prizes at the next Pwn2Own Automotive hacking contest, set for January 2025 in Tokyo. Ionut ArghireSeptember 25, 2024
Vulnerabilities Third Recent Ivanti Vulnerability Exploited in the Wild CVE-2024-7593 is the third Ivanti product vulnerability patched in recent months that has been exploited in the wild. Eduard KovacsSeptember 25, 2024
Vulnerabilities CERT/CC Warns of Unpatched Critical Vulnerability in Microchip ASF Microchip Advanced Software Framework (ASF) 3 is affected by a critical vulnerability that could lead to remote code execution. Eduard KovacsSeptember 23, 2024