Hi, what are you looking for?
WordPress 6.4.2 patches a flaw that could be chained with another vulnerability to execute arbitrary code.
Russian threat actor APT28 has been exploiting a no-interaction Outlook vulnerability in attacks against 14 countries.
LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images.
Google is hosting capture the flag (CTF) events focused on Chrome’s V8 engine and on Kernel-based Virtual Machine (KVM).
CISA has removed from its KEV catalog five Owl Labs video conferencing flaws that require the attacker to be in Bluetooth range.
Cisco warns that unauthenticated, remote attackers can log into devices using root account, which has default, static credentials that cannot be changed or deleted.
Atlassian confirms that “a handful of customers” were hit by exploits targeting a remotely exploitable flaw in its Confluence Data Center and Server products.
Supermicro has released BMC IPMI firmware updates to address multiple vulnerabilities impacting select motherboard models.
A local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges.
Rapid7 says attackers are targeting a critical pre-authentication flaw in Progress Software’s WS_FTP server just days after disclosure.
Researchers have warned that powerful AI models could be used to supercharge online disinformation, cyberattacks or creation of bioweapons.
San Francisco startup gets fresh capital from Battery Ventures to compete in the crowded identity and access management space.