Vulnerabilities | Thousands of GitLab Instances Unpatched Against Critical Password Reset Bug | Over 5,000 GitLab servers have yet to be patched against CVE-2023-7028, a critical password reset vulnerability. | Ionut Arghire | January 25, 2024
Vulnerabilities | Vulnerabilities in Lamassu Bitcoin ATMs Can Allow Hackers to Drain Wallets | Hackers could exploit Lamassu Douro ATM vulnerabilities to take over devices, steal bitcoin from users. | Ionut Arghire | January 23, 2024
Vulnerabilities | Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure | The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed. | Eduard Kovacs | January 22, 2024
ICS/OT | Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks | Seven vulnerabilities found in Rapid SCADA could be exploited to gain access to sensitive industrial systems, but they remain unpatched. | Eduard Kovacs | January 18, 2024
Vulnerabilities | GitHub Rotates Credentials in Response to Vulnerability | GitHub rotates credentials and releases patches after being alerted of a vulnerability affecting GitHub.com and GitHub Enterprise Server. | Ionut Arghire | January 17, 2024
Vulnerabilities | Remote Code Execution Vulnerability Found in Opera File Sharing Feature | A vulnerability in an Opera browser feature for sharing files between devices could have led to remote code execution (RCE), threat protection firm Guardio... | Ionut Arghire | January 16, 2024
Vulnerabilities | VMware Urges Customers to Patch Critical Aria Automation Vulnerability | Aria Automation is affected by a critical vulnerability that could be exploited to gain access to remote organizations and workflows. | Eduard Kovacs | January 16, 2024
Vulnerabilities | GitLab Patches Critical Password Reset Vulnerability | GitLab has resolved a critical authentication vulnerability allowing attackers to hijack password reset emails. | Ionut Arghire | January 15, 2024
ICS/OT | Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines | Hackers can take complete control of Bosch Rexroth nutrunners, installing ransomware or altering settings to cause financial impact and brand damage. | Eduard Kovacs | January 9, 2024
Vulnerabilities | QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products | QNAP has released patches for a dozen vulnerabilities in its products, including several high-severity flaws. | Ionut Arghire | January 8, 2024
Vulnerabilities | Vulnerability Handling in 2023: 28,000 New CVEs, 84 New CNAs | A total of more than 28,000 CVE IDs were assigned in 2023 and 84 new CVE Numbering Authorities (CNAs) were named. | Eduard Kovacs | January 8, 2024
Endpoint Security | ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature | ESET has patched CVE-2023-5594, a high-severity vulnerability that can cause a browser to trust websites that should not be trusted. | Eduard Kovacs | December 21, 2023