
SecurityWeek

Cybercrime

A Mirai botnet has been exploiting a recently patched vulnerability tracked as CVE-2023-28771 to hack many Zyxel firewalls.

Vulnerabilities

GitLab CE/EE version 16.0.1 patches a critical arbitrary file read vulnerability tracked as CVE-2023-2825.

Vulnerabilities

Barracuda Networks is warning customers about CVE-2023-2868, a zero-day exploited to hack some Email Security Gateway (ESG) appliances.

OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers

Vulnerabilities

OAuth vulnerabilities found in the widely used Expo application development platform could have been exploited for account takeovers.

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own

Network Security

MikroTik patches a major security defect in its RouterOS product a full five months after it was exploited at Pwn2Own Toronto.

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

SBOM: Software supply chain: Part 1

Supply Chain Security

SBOMs can be used for managing risk and determining vulnerability impact, but it’s very hard to build holistic risk models when the data is...