Vulnerabilities

F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP

F5, Vulnerabilities, vulnerability /

F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP 27/10/2023 at 17:47 By Ionut Arghire A critical-severity vulnerability in F5 BIG-IP CVE-2023-46747 allows unauthenticated attackers to execute code remotely. The post F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

React to this headline:

Loading spinner

F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP Read More »

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data

healthcare, Vulnerabilities /

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data 26/10/2023 at 22:03 By Ionut Arghire Mirth Connect versions prior to 4.4.1 are vulnerable to CVE-2023-43208, a bypass for an RCE vulnerability. The post Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data Read More »

Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023

IoT Security, Pwn2Own, Vulnerabilities /

Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023 26/10/2023 at 20:02 By Ionut Arghire Smart speakers, printers, routers, NAS devices, and mobile phones were hacked on the second day at Pwn2Own Toronto 2023. The post Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023 appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023 Read More »

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones

apple, Featured, Mobile & Wireless, side-channel attack, Vulnerabilities /

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones 26/10/2023 at 19:32 By Eduard Kovacs New iLeakage side-channel speculative execution attack exploits Safari to steal sensitive information from Macs and iPhones. The post iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones Read More »

Apple Ships Major iOS, macOS Security Updates

apple, Endpoint Security, iOS, macOS, Malware & Threats, Mobile & Wireless, Vulnerabilities, WebKit /

Apple Ships Major iOS, macOS Security Updates 25/10/2023 at 23:01 By Ryan Naraine Apple patches dozens of serious security flaws in its macOS and iOS platforms, warning that hackers could launch code execution exploits. The post Apple Ships Major iOS, macOS Security Updates appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Apple Ships Major iOS, macOS Security Updates Read More »

Firefox, Chrome Updates Patch High-Severity Vulnerabilities

Chrome, Firefox, Vulnerabilities /

Firefox, Chrome Updates Patch High-Severity Vulnerabilities 25/10/2023 at 23:01 By Ionut Arghire Firefox and Chrome updates released this week resolve multiple high-severity memory safety vulnerabilities. The post Firefox, Chrome Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Firefox, Chrome Updates Patch High-Severity Vulnerabilities Read More »

Hackers Earn $400k on First Day at Pwn2Own Toronto 2023

IoT Security, Pwn2Own, Vulnerabilities /

Hackers Earn $400k on First Day at Pwn2Own Toronto 2023 25/10/2023 at 19:17 By Ionut Arghire NAS devices, printers, IP cameras, speakers, and mobile phones were hacked on the first day at Pwn2Own Toronto 2023. The post Hackers Earn $400k on First Day at Pwn2Own Toronto 2023 appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Hackers Earn $400k on First Day at Pwn2Own Toronto 2023 Read More »

Censys Banks $75M for Attack Surface Management Technology

Application Security, attack surface management, Censys, cloud security, Intel Capital, Series C, Threat Intelligence, Vulnerabilities /

Censys Banks $75M for Attack Surface Management Technology 25/10/2023 at 18:17 By Ryan Naraine Michigan startup raises $75 million in new funding as venture capital investors bet big on attack surface management technologies. The post Censys Banks $75M for Attack Surface Management Technology appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Censys Banks $75M for Attack Surface Management Technology Read More »

VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products

cloud security, CVE-2023-34048, CVE-2023-34051, Incident Response, vCenter Server, virtualization, VMWare, Vulnerabilities /

VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products 25/10/2023 at 16:31 By Ryan Naraine VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10. The post VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products Read More »

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant

Cisco, Malware & Threats, Vulnerabilities, vulnerability, Zero-Day /

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant 24/10/2023 at 20:02 By Eduard Kovacs The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant. The post Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant appeared first on

React to this headline:

Loading spinner

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant Read More »

SolarWinds Patches High-Severity Flaws in Access Rights Manager

CVE-2023-35182, CVE-2023-35185, CVE-2023-35187, Identity & Access, Network Security, SolarWinds, Vulnerabilities /

SolarWinds Patches High-Severity Flaws in Access Rights Manager 23/10/2023 at 21:49 By Ionut Arghire SolarWinds patches high-severity flaws in its Access Rights Manager product, including three unauthenticated remote code execution issues. The post SolarWinds Patches High-Severity Flaws in Access Rights Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SolarWinds Patches High-Severity Flaws in Access Rights Manager Read More »

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops

Cisco, Featured, Malware & Threats, Vulnerabilities, Zero-Day /

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops 23/10/2023 at 21:49 By Eduard Kovacs Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping. The post Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops appeared first

React to this headline:

Loading spinner

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops Read More »

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000

Cisco, exploited, Malware & Threats, Vulnerabilities /

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000 19/10/2023 at 14:01 By Eduard Kovacs The number of Cisco devices hacked via the CVE-2023-20198 zero-day has reached 40,000, including many in the US. The post Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000 appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000 Read More »

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

China, CVE-2023-38831, cybercrime, Malware & Threats, Nation-State, Russia, Sandworm, Vulnerabilities, WinRAR /

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw 18/10/2023 at 20:55 By Ryan Naraine Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks. The post Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw Read More »

Oracle Patches 185 Vulnerabilities With October 2023 CPU

Oracle, Vulnerabilities /

Oracle Patches 185 Vulnerabilities With October 2023 CPU 18/10/2023 at 15:49 By Ionut Arghire Oracle on Tuesday released 387 new security patches that address 185 vulnerabilities in its code and third-party components. The post Oracle Patches 185 Vulnerabilities With October 2023 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Oracle Patches 185 Vulnerabilities With October 2023 CPU Read More »

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

Citrix, exploited, Featured, Vulnerabilities, Zero-Day /

Recent NetScaler Vulnerability Exploited as Zero-Day Since August 18/10/2023 at 14:01 By Ionut Arghire Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August. The post Recent NetScaler Vulnerability Exploited as Zero-Day Since August appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Recent NetScaler Vulnerability Exploited as Zero-Day Since August Read More »

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

Atlassian, CISA, exploited, Vulnerabilities /

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability 17/10/2023 at 14:16 By Ionut Arghire CISA, FBI, and MS-ISAC warn of potential widespread exploitation of CVE-2023-22515, a critical vulnerability in Atlassian Confluence. The post US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability Read More »

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

Cisco, exploited, Featured, Vulnerabilities, Zero-Day /

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability 17/10/2023 at 14:16 By Eduard Kovacs Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices.  The post Cisco Devices Hacked via IOS XE Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability Read More »

WordPress Websites Hacked via Royal Elementor Plugin Zero-Day

cybercrime, Vulnerabilities /

WordPress Websites Hacked via Royal Elementor Plugin Zero-Day 17/10/2023 at 13:01 By Ionut Arghire A critical vulnerability in the Royal Elementor WordPress plugin has been exploited as a zero-day since August 30. The post WordPress Websites Hacked via Royal Elementor Plugin Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

WordPress Websites Hacked via Royal Elementor Plugin Zero-Day Read More »

Signal Pours Cold Water on Zero-Day Exploit Rumors

Encryption, Lockdown Mode, Malware & Threats, Privacy, Signal, Vulnerabilities, WhatsApp /

Signal Pours Cold Water on Zero-Day Exploit Rumors 16/10/2023 at 17:47 By Ryan Naraine Privacy-focused messaging firm Signal is pouring cold water on widespread rumors of a zero-day exploit in its popular encrypted chat app. The post Signal Pours Cold Water on Zero-Day Exploit Rumors appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Signal Pours Cold Water on Zero-Day Exploit Rumors Read More »

Scroll to Top