Vulnerabilities

Docker Hub Users Targeted With Imageless, Malicious Repositories

cloud security, Docker Hub, JFrog, Vulnerabilities /

Docker Hub Users Targeted With Imageless, Malicious Repositories 2024-04-30 at 20:46 By Ionut Arghire JFrog raises an alarm after finding three large-scale malware campaigns targeting Docker Hub with imageless repositories. The post Docker Hub Users Targeted With Imageless, Malicious Repositories appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original […]

React to this headline:

Loading spinner

Docker Hub Users Targeted With Imageless, Malicious Repositories Read More »

Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover

CVE-2024-28189, CVE-2024-29021, Judge0, Malware & Threats, Vulnerabilities /

Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover 2024-04-30 at 20:46 By Ionut Arghire Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host. The post Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover Read More »

Vulnerability in R Programming Language Could Fuel Supply Chain Attacks

CVE-2024-27322, Featured, Vulnerabilities, vulnerability /

Vulnerability in R Programming Language Could Fuel Supply Chain Attacks 2024-04-30 at 17:16 By Ionut Arghire A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain attack. The post Vulnerability in R Programming Language Could Fuel Supply Chain Attacks appeared first

React to this headline:

Loading spinner

Vulnerability in R Programming Language Could Fuel Supply Chain Attacks Read More »

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day

CrushFTP, CVE-2024-4040, Malware & Threats, Vulnerabilities, Zero-Day /

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day 2024-04-26 at 17:16 By Ionut Arghire More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published. The post Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day Read More »

Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking

Brocade, SAN, Vulnerabilities /

Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking 2024-04-25 at 15:17 By Ionut Arghire The Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password. The post Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking Read More »

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

ArcaneDoor, China APT, Cisco ASA, Cisco Talos, Nation-State, Network Security, Vulnerabilities /

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms 2024-04-24 at 21:16 By Ryan Naraine Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks. The post Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

React to this headline:

Loading spinner

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms Read More »

Google Patches Critical Chrome Vulnerability

Chrome, Vulnerabilities /

Google Patches Critical Chrome Vulnerability 2024-04-24 at 16:16 By Eduard Kovacs Google patches CVE-2024-4058, a critical Chrome vulnerability for which researchers earned a $16,000 reward.  The post Google Patches Critical Chrome Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Google Patches Critical Chrome Vulnerability Read More »

CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation

CISA KEV, exploited, Russia, Vulnerabilities, Windows /

CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation 2024-04-24 at 16:16 By Ionut Arghire CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild. The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation Read More »

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability

ICS, ICS/OT, Palo Alto Networks, Siemens, Vulnerabilities /

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability 2024-04-23 at 14:02 By Eduard Kovacs Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product. The post Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability Read More »

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services

Data Protection, Featured, piracy, PlayReady, Streaming, Vulnerabilities /

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services 2024-04-23 at 14:01 By Eduard Kovacs Microsoft PlayReady vulnerabilities that could allow rogue subscribers to illegally download movies from popular streaming services. The post Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services Read More »

CrushFTP Patches Exploited Zero-Day Vulnerability

CrushFTP, exploited, Vulnerabilities /

CrushFTP Patches Exploited Zero-Day Vulnerability 2024-04-22 at 16:32 By Ionut Arghire CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files. The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

CrushFTP Patches Exploited Zero-Day Vulnerability Read More »

SAP Applications Increasingly in Attacker Crosshairs, Report Shows

Application Security, CISA KEV, Flashpoint, Onapsis, SAP, Vulnerabilities /

SAP Applications Increasingly in Attacker Crosshairs, Report Shows 2024-04-18 at 19:46 By Ionut Arghire Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint. The post SAP Applications Increasingly in Attacker Crosshairs, Report Shows appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SAP Applications Increasingly in Attacker Crosshairs, Report Shows Read More »

Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability

Cisco, Vulnerabilities, vulnerability /

Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability 2024-04-18 at 15:46 By Ionut Arghire Cisco patches a high-severity Integrated Management Controller vulnerability for which PoC exploit code is available. The post Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability Read More »

Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product

Ivanti, Vulnerabilities /

Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product 2024-04-17 at 15:46 By Ionut Arghire Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution. The post Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product Read More »

Oracle Patches 230 Vulnerabilities With April 2024 CPU

Featured, Oracle, Vulnerabilities /

Oracle Patches 230 Vulnerabilities With April 2024 CPU 2024-04-17 at 14:31 By Ionut Arghire Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update. The post Oracle Patches 230 Vulnerabilities With April 2024 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Oracle Patches 230 Vulnerabilities With April 2024 CPU Read More »

Critical PuTTY Vulnerability Allows Secret Key Recovery

Encryption, PuTTY, Vulnerabilities /

Critical PuTTY Vulnerability Allows Secret Key Recovery 2024-04-16 at 20:01 By Eduard Kovacs PuTTY vulnerability CVE-2024-31497 allows attackers to compromise private keys and use them to forge signatures.  The post Critical PuTTY Vulnerability Allows Secret Key Recovery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Critical PuTTY Vulnerability Allows Secret Key Recovery Read More »

Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt

Delinea, Featured, Vulnerabilities, vulnerability /

Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt 2024-04-16 at 13:46 By Eduard Kovacs PAM company Delinea over the weekend rushed to patch a critical authentication bypass vulnerability after it apparently ignored the researcher who found the flaw. The post Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt appeared

React to this headline:

Loading spinner

Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt Read More »

Juniper Networks Publishes Dozens of New Security Advisories

Juniper, Vulnerabilities, vulnerability /

Juniper Networks Publishes Dozens of New Security Advisories 2024-04-15 at 17:04 By Ionut Arghire Juniper Networks patches dozens of vulnerabilities in Junos OS, Junos OS Evolved, and other products. The post Juniper Networks Publishes Dozens of New Security Advisories appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Juniper Networks Publishes Dozens of New Security Advisories Read More »

Palo Alto Networks Warns of Exploited Firewall Vulnerability

exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Palo Alto Networks Warns of Exploited Firewall Vulnerability 2024-04-12 at 14:31 By Ionut Arghire Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls. The post Palo Alto Networks Warns of Exploited Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Palo Alto Networks Warns of Exploited Firewall Vulnerability Read More »

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars

D-Link, exploited, IoT Security, Vulnerabilities /

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars 2024-04-12 at 14:31 By Eduard Kovacs Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar.  The post Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars Read More »

Scroll to Top