Vulnerabilities

Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks

Vulnerabilities, WordPress /

Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks 31/08/2023 at 18:05 By Ionut Arghire A vulnerability in the All-in-One WP Migration plugin’s extensions exposes WordPress websites to attacks leading to sensitive information disclosure. The post Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks Read More »

Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence

Splunk, Vulnerabilities /

Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence 31/08/2023 at 15:46 By Ionut Arghire Splunk has released patches for multiple high-severity vulnerabilities impacting Splunk Enterprise and IT Service Intelligence. The post Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence Read More »

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication

exploited, Juniper, Vulnerabilities /

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication 30/08/2023 at 16:47 By Ionut Arghire Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published. The post Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication appeared first on SecurityWeek.

React to this headline:

Loading spinner

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication Read More »

High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome

Chrome, Firefox, Vulnerabilities /

High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome 30/08/2023 at 14:17 By Ionut Arghire Mozilla and Google have released stable updates for the Firefox and Chrome browsers to address several memory corruption vulnerabilities. The post High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome Read More »

VMware Patches Major Security Flaws in Network Monitoring Product

CISA KEV, Malware & Threats, Network Security, VMWare, VMware aria Operations for Logs, Vulnerabilities /

VMware Patches Major Security Flaws in Network Monitoring Product 29/08/2023 at 23:02 By Ryan Naraine VWware patches critical flaws that allow hackers to bypass SSH authentication and gain access to the Aria Operations for Networks command line interface. The post VMware Patches Major Security Flaws in Network Monitoring Product appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

VMware Patches Major Security Flaws in Network Monitoring Product Read More »

Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks

Cisco, Vulnerabilities /

Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks 24/08/2023 at 18:31 By Ionut Arghire Cisco has released patches for three high-severity vulnerabilities in NX-OS and FXOS software that could lead to denial-of-service (DoS) conditions. The post Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks Read More »

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

exploited, Malware & Threats, Openfire, Vulnerabilities /

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability 23/08/2023 at 17:19 By Ionut Arghire More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit. The post 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability Read More »

First Weekly Chrome Security Update Patches High-Severity Vulnerabilities

Chrome, Vulnerabilities /

First Weekly Chrome Security Update Patches High-Severity Vulnerabilities 23/08/2023 at 15:17 By Ionut Arghire Google has released the first weekly Chrome security update, which patches five memory safety vulnerabilities, including four rated ‘high severity’. The post First Weekly Chrome Security Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

First Weekly Chrome Security Update Patches High-Severity Vulnerabilities Read More »

Exploitation of Ivanti Sentry Zero-Day Confirmed

exploited, Featured, Ivanti, Vulnerabilities, Zero-Day /

Exploitation of Ivanti Sentry Zero-Day Confirmed 23/08/2023 at 12:17 By Eduard Kovacs While initially it was unclear if the Ivanti Sentry vulnerability CVE-2023-38035 has been exploited, the vendor and CISA have now confirmed it. The post Exploitation of Ivanti Sentry Zero-Day Confirmed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Exploitation of Ivanti Sentry Zero-Day Confirmed Read More »

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

ColdFusion, exploited, Featured, Malware & Threats, Vulnerabilities /

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability 22/08/2023 at 13:47 By Eduard Kovacs CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild. The post CISA Warns of Another Exploited Adobe ColdFusion Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability Read More »

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

Malware & Threats, Network Security, Vulnerabilities /

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability 21/08/2023 at 22:31 By Ryan Naraine A critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations. The post Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability Read More »

Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution

Juniper, Vulnerabilities /

Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution 21/08/2023 at 14:01 By Ionut Arghire Juniper Networks has released Junos OS updates to address J-Web vulnerabilities that can be combined to achieve unauthenticated, remote code execution. The post Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution

React to this headline:

Loading spinner

Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution Read More »

In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets

Cyberwarfare, In Other News, Vulnerabilities /

In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets 18/08/2023 at 18:17 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 14, 2023. The post In Other News: US Hacking China, Unfixed PowerShell Gallery

React to this headline:

Loading spinner

In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets Read More »

Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins

Jenkins, Vulnerabilities /

Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins 18/08/2023 at 16:46 By Ionut Arghire Jenkins has announced patches for high and medium-severity vulnerabilities impacting several of the open source automation tool’s plugins. The post Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins Read More »

Companies Respond to ‘Downfall’ Intel CPU Vulnerability 

Endpoint Security, Vulnerabilities /

Companies Respond to ‘Downfall’ Intel CPU Vulnerability  18/08/2023 at 15:49 By Eduard Kovacs Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs. The post Companies Respond to ‘Downfall’ Intel CPU Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Companies Respond to ‘Downfall’ Intel CPU Vulnerability  Read More »

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results

Application Security, Supply Chain Security, Vulnerabilities /

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results 17/08/2023 at 20:46 By Ryan Naraine Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage. The post Google Brings AI Magic to Fuzz Testing With Eye-Opening Results appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results Read More »

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications

Cisco, Vulnerabilities /

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications 17/08/2023 at 19:02 By Ionut Arghire Cisco has patched high-severity vulnerabilities in enterprise applications that could lead to privilege escalation, SQL injection, and denial-of-service. The post Cisco Patches High-Severity Vulnerabilities in Enterprise Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications Read More »

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning 

Citrix, exploited, Featured, Vulnerabilities /

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning  17/08/2023 at 12:18 By Eduard Kovacs Exploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its ‘must patch’ catalog. The post Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning  appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning  Read More »

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution

Ivanti, Vulnerabilities /

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution 16/08/2023 at 16:45 By Ionut Arghire Ivanti has patched critical- and high-severity vulnerabilities with the latest release of Avalanche, its enterprise mobile device management solution. The post Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution Read More »

GitHub Paid Out $1.5 Million in Bug Bounties in 2022

Management & Strategy, Vulnerabilities /

GitHub Paid Out $1.5 Million in Bug Bounties in 2022 16/08/2023 at 15:00 By Ionut Arghire GitHub says it paid out more than $1.5 million in bug bounties for 364 vulnerabilities in 2022, reaching a total of nearly $4 million since 2016. The post GitHub Paid Out $1.5 Million in Bug Bounties in 2022 appeared

React to this headline:

Loading spinner

GitHub Paid Out $1.5 Million in Bug Bounties in 2022 Read More »

Scroll to Top