Cloud Security Veeam Warns of Critical Vulnerability in Service Provider Console Veeam releases patches for two vulnerabilities in Service Provider Console, including a critical-severity remote code execution bug. Ionut Arghire4 days ago
Vulnerabilities VMware Patches High-Severity SQL Injection Flaw in HCX Platform VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager. Ryan NaraineOctober 16, 2024
Endpoint Security Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks. Ryan NaraineAugust 12, 2024
Network Security QNAP Rushes Patch for Code Execution Flaw in NAS Devices QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability. Ionut ArghireMay 21, 2024
Incident Response Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin The vulnerability carries a CVSS severity score of 9.8/10 and affects web sites running the Ultimate Member WordPress membership plugin. Ionut ArghireFebruary 26, 2024
Malware & Threats ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation Security experts describe exploitation of the CVSS 10/10 flaw as “trivial and embarrassingly easy.” Ryan NaraineFebruary 21, 2024
Phishing Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws Microsoft warns of critical spoofing and remote code execution bugs in the Windows MSHTML Platform and Microsoft Power Platform Connector. Ryan NaraineDecember 12, 2023