Vulnerabilities
SAP has released patches for a critical vulnerability impacting multiple enterprise applications, including NetWeaver and S/4HANA.
Hi, what are you looking for?
SecurityWeek
Vulnerabilities
CISA has added CVE-2018-14667, an old critical JBoss RichFaces flaw to its known exploited vulnerabilities catalog.
Vulnerabilities
Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations.
Vulnerabilities
Gaps in Cloudflare’s security controls allow users to bypass protections and target others from the platform itself.
Cybercrime
Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the...
Vulnerabilities
Cisco has released patches for vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks.
Vulnerabilities
Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor.
Malware & Threats
Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild.
Data Breaches
Adobe raises an alarm for new in-the-wild zero-day attacks hitting users of its widely deployed Adobe Acrobat and Reader product.
Vulnerabilities
Despite GitHub’s efforts to prevent repository hijacking, cybersecurity researchers continue finding new attack methods, and thousands of code packages and millions of users could...
Vulnerabilities
Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023.
ICS/OT
A researcher has found 7 vulnerabilities in Socomec UPS products that can be exploited to hijack and disrupt devices.
Malware & Threats
Cisco is warning of a zero-day vulnerability in Cisco ASA and FTD that can be exploited remotely, without authentication, in brute force attacks.
Cyberwarfare
Noteworthy stories that might have slipped under the radar: LastPass vault hacking, Russia targets energy facility in Ukraine, NXP data breach.
Malware & Threats
Apple pushes out an urgent point-update to its flagship iOS and macOS platforms to fix a pair of security defects being exploited in the...
Malware & Threats
Google again catches a North Korean APT actor targeting security researchers with zero-days and rigged software tools.
Vulnerabilities
Cisco has released patches for CVE-2023-20238, a critical authentication bypass vulnerability in the BroadWorks Application Delivery Platform.
Vulnerabilities
Dozens of vulnerabilities have been found in widely used security cameras made by defunct Chinese company Zavio.
Artificial Intelligence
The NSA is starting an artificial intelligence security center — a crucial mission as AI capabilities are increasingly acquired, developed and integrated into U.S....
Ransomware
Endpoint Security
Funding/M&A
Bankrupt and out of financing options, IronNet has terminated all employees and plan to file for Chapter 7 protection.
Cloud Security
