Vulnerabilities

PoC Exploit Published for Cisco AnyConnect Secure Vulnerability

Cisco, exploit, Vulnerabilities /

PoC Exploit Published for Cisco AnyConnect Secure Vulnerability 22/06/2023 at 16:31 By Ionut Arghire A security researcher has published proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2023-20178) in Cisco AnyConnect Secure. The post PoC Exploit Published for Cisco AnyConnect Secure Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS […]

React to this headline:

Loading spinner

PoC Exploit Published for Cisco AnyConnect Secure Vulnerability Read More »

Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’ 

CVE-2023-32434, CVE-2023-32435, Nation-State, Vulnerabilities, Zero-Day /

Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’  21/06/2023 at 22:52 By Ionut Arghire Apple ships major iOS security updates to cover code execution vulnerabilities already exploited in the wild. The post Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’  Read More »

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites

Application Security, CVE-2023-2834, CVE-2023-2986, CVSS 9.8, Vulnerabilities, WooCommerce, WordPress /

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites 21/06/2023 at 19:14 By Ionut Arghire Two critical-severity authentication bypass vulnerabilities in WordPress plugins with tens of thousands of installations. The post Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites Read More »

Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws

CISA, Enphase, ICS/OT, IoT Security, Vulnerabilities /

Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws 21/06/2023 at 19:14 By Ionut Arghire Enphase Energy has ignored CISA requests to fix remotely exploitable vulnerabilities in Enphase products. The post Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws Read More »

Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use?

Chrome, Featured, Google Chrome, Vulnerabilities /

Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use? 21/06/2023 at 15:33 By Kevin Townsend Why are there so many vulnerabilities in Chrome? Is it realistically safe to use? Can Google do anything to make the web browser safer? The post Chrome and Its Vulnerabilities – Is the Web Browser Safe to

React to this headline:

Loading spinner

Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use? Read More »

VMware Confirms Live Exploits Hitting Just-Patched Security Flaw

Aria Operations for Networks, Malware & Threats, Network Security, virtualization, VMWare, Vulnerabilities /

VMware Confirms Live Exploits Hitting Just-Patched Security Flaw 21/06/2023 at 03:16 By Ryan Naraine VMware updates a critical-level bulletin: “VMware has confirmed that exploitation of CVE-2023-20887 has occurred in the wild.” The post VMware Confirms Live Exploits Hitting Just-Patched Security Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

VMware Confirms Live Exploits Hitting Just-Patched Security Flaw Read More »

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps

Azure, cloud security, Microsoft, noAuth, OAuth, Vulnerabilities /

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps 20/06/2023 at 23:24 By Ryan Naraine Businesses using ‘Log in with Microsoft’ could be exposed to privilege escalation and full account takeover exploits. The post Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps Read More »

Asus Patches Highly Critical WiFi Router Flaws

Asus, CVE-2018-1160, CVE-2022-26376, firmware, Mobile & Wireless, router, Vulnerabilities /

Asus Patches Highly Critical WiFi Router Flaws 20/06/2023 at 00:17 By Ryan Naraine Asus patches nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks. The post Asus Patches Highly Critical WiFi Router Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Asus Patches Highly Critical WiFi Router Flaws Read More »

Western Digital Blocks Unpatched Devices From Cloud Services

CVE-2022-36327, Endpoint Security, firmware, Vulnerabilities, Western Digital /

Western Digital Blocks Unpatched Devices From Cloud Services 19/06/2023 at 18:08 By Ionut Arghire Western Digital is blocking access to its cloud services for devices running firmware versions impacted by a critical security vulnerability. The post Western Digital Blocks Unpatched Devices From Cloud Services appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Western Digital Blocks Unpatched Devices From Cloud Services Read More »

MOVEit Customers Urged to Patch Third Critical Vulnerability

Featured, MOVEit, Vulnerabilities /

MOVEit Customers Urged to Patch Third Critical Vulnerability 19/06/2023 at 14:17 By Ionut Arghire A critical vulnerability (CVE-2023-35708) in MOVEit software could allow unauthenticated attackers to access database content. The post MOVEit Customers Urged to Patch Third Critical Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

MOVEit Customers Urged to Patch Third Critical Vulnerability Read More »

SquareX Launches Bug Bounty Program for Browser Security Product

bug bounty program, SquareX, Vulnerabilities /

SquareX Launches Bug Bounty Program for Browser Security Product 15/06/2023 at 18:28 By Ionut Arghire Cybersecurity startup SquareX launches a temporary bug bounty program for its cloud-based browser security solution. The post SquareX Launches Bug Bounty Program for Browser Security Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SquareX Launches Bug Bounty Program for Browser Security Product Read More »

Hundreds of Thousands of eCommerce Sites Impacted by Critical Plugin Vulnerability

Vulnerabilities /

Hundreds of Thousands of eCommerce Sites Impacted by Critical Plugin Vulnerability 14/06/2023 at 16:35 By Ionut Arghire Hundreds of thousands of ecommerce sites are impacted by a critical vulnerability in the WooCommerce Stripe Payment Gateway plugin. The post Hundreds of Thousands of eCommerce Sites Impacted by Critical Plugin Vulnerability appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Hundreds of Thousands of eCommerce Sites Impacted by Critical Plugin Vulnerability Read More »

Chrome 114 Update Patches Critical Vulnerability

Chrome, Vulnerabilities /

Chrome 114 Update Patches Critical Vulnerability 14/06/2023 at 15:31 By Ionut Arghire Google has released a Chrome 114 security update to address five vulnerabilities, including a critical-severity bug in Autofill payments. The post Chrome 114 Update Patches Critical Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Chrome 114 Update Patches Critical Vulnerability Read More »

SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates

Vulnerabilities /

SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates 14/06/2023 at 14:34 By Ionut Arghire SAP has released eight new security notes on June 2023 Security Patch Day, including two that address high-severity vulnerabilities. The post SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates Read More »

Chinese Cyberspies Caught Exploiting VMware ESXi Zero-Day

Cyberwarfare, Featured, VMWare, Vulnerabilities, Zero-Day /

Chinese Cyberspies Caught Exploiting VMware ESXi Zero-Day 13/06/2023 at 21:19 By Ionut Arghire Mandiant has observed a Chinese cyberespionage group exploiting a VMware ESXi zero-day vulnerability for privilege escalation. The post Chinese Cyberspies Caught Exploiting VMware ESXi Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Chinese Cyberspies Caught Exploiting VMware ESXi Zero-Day Read More »

Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks

CVE-2023-29363, CVE-2023-32014, CVE-2023-32015, Microsoft, Network Security, Patch Tuesday, Vulnerabilities /

Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks 13/06/2023 at 21:19 By Ryan Naraine Patch Tuesday: Microsoft ships updates to over at least 70 documented vulnerabilities affecting the Windows ecosystem. The post Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks Read More »

Patch Tuesday: Critical Flaws in Adobe Commerce Software

Application Security, Vulnerabilities /

Patch Tuesday: Critical Flaws in Adobe Commerce Software 13/06/2023 at 19:21 By Ryan Naraine Adobe ships urgent fixes for at least a dozen flaws that expose Adobe Commerce users to code execution attacks. The post Patch Tuesday: Critical Flaws in Adobe Commerce Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Patch Tuesday: Critical Flaws in Adobe Commerce Software Read More »

Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks

Featured, Fortinet, Vulnerabilities, Zero-Day /

Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks 13/06/2023 at 11:50 By Eduard Kovacs Fortinet has warned customers that the critical CVE-2023-27997 vulnerability that was patched recently could be a zero-day exploited in limited attacks. The post Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks Read More »

Software Supply Chain: The Golden Container Ship

SBOM, Supply Chain Security, Vulnerabilities /

Software Supply Chain: The Golden Container Ship 12/06/2023 at 15:18 By Matt Honea By having a golden image you will put a process in place that allows you to quickly take action when a vulnerability is found within your organization. The post Software Supply Chain: The Golden Container Ship appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Software Supply Chain: The Golden Container Ship Read More »

New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward

Featured, MOVEit, Ransomware, Vulnerabilities /

New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward 12/06/2023 at 13:34 By Eduard Kovacs Researchers discover new MOVEit vulnerabilities related to the zero-day, just as more organizations hit by the attack are coming forward. The post New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward appeared first on SecurityWeek. This

React to this headline:

Loading spinner

New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward Read More »

Scroll to Top