Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Vulnerabilities

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Vulnerable WordPress plugin iterations leak API keys, secrets, tokens, server information, and other data.

Ionut Arghire1 hour ago

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched...

SecurityWeek News3 days ago

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution.

Eduard Kovacs3 days ago

Vulnerabilities

Majority of Internet-Accessible REDCap Servers Outdated

These servers are regularly targeted by China-linked UNC6508 for initial access and backdoor deployment.

Ionut Arghire4 days ago

Management & Strategy

HackerOne Says Bug Bounty Hunters Earned $100 Million Through Its Platform

HackerOne announced on Wednesday that its bug bounty platform has helped researchers earn more than $100 million since the company started paying hackers in...

Eduard KovacsMay 27, 2020

Vulnerabilities

Apple Patches Over 40 Vulnerabilities in macOS Catalina

Apple this week released security updates to address over fifty vulnerabilities impacting macOS and Safari.

Ionut ArghireMay 27, 2020

Management & Strategy

Qatar Tracing App Flaw Exposed 1 Mn Users’ Data: Amnesty

A security flaw in Qatar's controversial mandatory coronavirus contact tracing app exposed sensitive information of more than one million users, rights group Amnesty International...

AFPMay 27, 2020

Mobile & Wireless

StrandHogg 2.0 Vulnerability Allows Hackers to Hijack Android Devices

Researchers at Norwegian app security company Promon on Tuesday disclosed the existence of a serious Android vulnerability that allows a piece of malware to...

Eduard KovacsMay 26, 2020

ICS/OT

Vulnerabilities Found in Emerson SCADA Product Made for Oil and Gas Industry

A researcher from Kaspersky has identified several vulnerabilities in Emerson OpenEnterprise, a supervisory control and data acquisition (SCADA) solution designed for the oil and...

Eduard KovacsMay 26, 2020

Mobile & Wireless

Jailbreak Tool Updated to Unlock iPhones Running iOS 13.5

The unc0ver jailbreaking tool has been updated with support for the latest iOS releases, courtesy of a zero-day vulnerability, the team behind the utility...

Ionut ArghireMay 26, 2020

Cybercrime

Industry Reactions to Verizon 2020 DBIR: Feedback Friday

Verizon this week published its 2020 Data Breach Investigation Report (DBIR). The report is based on insights from thousands of incidents and it’s more...

Eduard KovacsMay 22, 2020

Cybercrime

Hackers Attempted to Deploy Ransomware in Attacks Targeting Sophos Firewalls

Malicious actors targeting a zero-day vulnerability in Sophos XG Firewall appliances last month attempted to deploy ransomware after Sophos started taking measures to neutralize...

Ionut ArghireMay 22, 2020

ICS/OT

Hackers Can Target Rockwell Industrial Software With Malicious EDS Files

Rockwell Automation recently patched two vulnerabilities related to EDS files that can allow malicious actors to expand their access within a targeted organization’s OT...

Eduard KovacsMay 22, 2020

Vulnerabilities

Cisco Patches Critical Vulnerability in Contact Center Software

Cisco this week released security patches to address several vulnerabilities in its products, including a critical severity bug in its Unified Contact Center Express...

Ionut ArghireMay 21, 2020

Vulnerabilities

XSS, Open Redirect Vulnerabilities Patched in Drupal

The latest Drupal updates patch cross-site scripting (XSS) and open redirect vulnerabilities, but they have only been assigned “moderately critical” severity ratings.

Eduard KovacsMay 21, 2020

Application Security

Chrome 83 Brings Enhanced Safe Browsing, New Privacy and Security Controls

Google this week released Chrome 83 to the stable channel with patches for a total of 38 vulnerabilities, with improved Safe Browsing protection, and...

Ionut ArghireMay 21, 2020

Vulnerabilities

Vulnerabilities Exposed Hundreds of Thousands of QNAP NAS Devices to Attacks

Three vulnerabilities identified in QNAP Photo Station last year could be chained to achieve pre-authentication remote code execution on affected QNAP network-attached storage (NAS)...

Ionut ArghireMay 20, 2020

Cloud Security

Remote Code Execution Vulnerability Patched in VMware Cloud Director

VMware informed customers on Tuesday that it has patched a high-severity remote code execution vulnerability in its Cloud Director product.

Eduard KovacsMay 20, 2020

Vulnerabilities

Researcher Finds Memory Corruption Vulnerabilities in Several Adobe Products

Adobe informed customers on Tuesday that it has patched memory corruption vulnerabilities, including one that allows arbitrary code execution, in several of its products.

Eduard KovacsMay 20, 2020

Vulnerabilities

Nitro Pro Vulnerabilities Expose Many Enterprises to Attacks

Two recently addressed vulnerabilities in the Nitro Pro PDF editor could be exploited by malicious actors to execute code remotely on affected hosts, according...

Ionut ArghireMay 20, 2020

Vulnerabilities

Researchers Divulge Details on Five Windows Zero Days

Zero Day Initiative Researchers Publish Five Windows Zero Days

Ionut ArghireMay 19, 2020

Malware & Threats

NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks

Several major providers of DNS services and software have been working to address a serious DNS vulnerability that could allow malicious actors to launch...

Eduard KovacsMay 19, 2020

Mobile & Wireless

Bluetooth Vulnerability Allows Attackers to Impersonate Previously Paired Devices

A vulnerability related to pairing in Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) connections could be exploited to impersonate a previously paired device,...

Ionut ArghireMay 19, 2020

Cybercrime

Botnets Target Old Vulnerability in Symantec Secure Web Gateway

New variants of the Mirai and Hoaxcalls botnets have been targeting an old remote code execution (RCE) vulnerability in legacy Symantec Secure Web Gateway...

Ionut ArghireMay 19, 2020

Page 202 of 424« First ‹ Previous 198 199 200 201202203 204 205 206 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Vulnerabilities

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Vulnerabilities

Majority of Internet-Accessible REDCap Servers Outdated

Management & Strategy

HackerOne Says Bug Bounty Hunters Earned $100 Million Through Its Platform

Vulnerabilities

Apple Patches Over 40 Vulnerabilities in macOS Catalina

Management & Strategy

Qatar Tracing App Flaw Exposed 1 Mn Users’ Data: Amnesty

Mobile & Wireless

StrandHogg 2.0 Vulnerability Allows Hackers to Hijack Android Devices

ICS/OT

Vulnerabilities Found in Emerson SCADA Product Made for Oil and Gas Industry

Mobile & Wireless

Jailbreak Tool Updated to Unlock iPhones Running iOS 13.5

Cybercrime

Industry Reactions to Verizon 2020 DBIR: Feedback Friday

Cybercrime

Hackers Attempted to Deploy Ransomware in Attacks Targeting Sophos Firewalls

ICS/OT

Hackers Can Target Rockwell Industrial Software With Malicious EDS Files

Vulnerabilities

Cisco Patches Critical Vulnerability in Contact Center Software

Vulnerabilities

XSS, Open Redirect Vulnerabilities Patched in Drupal

Application Security

Chrome 83 Brings Enhanced Safe Browsing, New Privacy and Security Controls

Vulnerabilities

Vulnerabilities Exposed Hundreds of Thousands of QNAP NAS Devices to Attacks

Cloud Security

Remote Code Execution Vulnerability Patched in VMware Cloud Director

Vulnerabilities

Researcher Finds Memory Corruption Vulnerabilities in Several Adobe Products

Vulnerabilities

Nitro Pro Vulnerabilities Expose Many Enterprises to Attacks

Vulnerabilities

Researchers Divulge Details on Five Windows Zero Days

Malware & Threats

NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks

Mobile & Wireless

Bluetooth Vulnerability Allows Attackers to Impersonate Previously Paired Devices

Cybercrime

Botnets Target Old Vulnerability in Symantec Secure Web Gateway

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks

No Exploits Required

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Daily Briefing Newsletter