Vulnerabilities

API Flaw in QuickBlox Framework Exposed PII of Millions of Users

API Flaw in QuickBlox Framework Exposed PII of Millions of Users 13/07/2023 at 21:18 By Kevin Townsend QuickBlox SDK and API vulnerabilities impact chat and video applications used by industries including telemedicine, smart IoT, and finance. The post API Flaw in QuickBlox Framework Exposed PII of Millions of Users appeared first on SecurityWeek. This article […]

API Flaw in QuickBlox Framework Exposed PII of Millions of Users Read More »

Popular WordPress Security Plugin Caught Logging Plaintext Passwords

Popular WordPress Security Plugin Caught Logging Plaintext Passwords 13/07/2023 at 17:46 By Ionut Arghire The All-In-One Security (AIOS) WordPress plugin was found to be writing plaintext passwords to log files. The post Popular WordPress Security Plugin Caught Logging Plaintext Passwords appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

Popular WordPress Security Plugin Caught Logging Plaintext Passwords Read More »

Juniper Networks Patches High-Severity Vulnerabilities in Junos OS

Juniper Networks Patches High-Severity Vulnerabilities in Junos OS 13/07/2023 at 15:31 By Ionut Arghire Juniper Networks has patched multiple high-severity vulnerabilities in Junos OS, Junos OS Evolved, and Junos Space. The post Juniper Networks Patches High-Severity Vulnerabilities in Junos OS appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

Juniper Networks Patches High-Severity Vulnerabilities in Junos OS Read More »

SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products

SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products 13/07/2023 at 14:47 By Ionut Arghire SonicWall patches four critical-severity vulnerabilities in its Global Management System (GMS) and Analytics products. The post SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products Read More »

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue 13/07/2023 at 14:47 By Eduard Kovacs Apple has re-released its Rapid Security Response updates for iOS and macOS after fixing a website access issue caused by the original patches. The post Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue appeared first

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue Read More »

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure 13/07/2023 at 13:32 By Eduard Kovacs Two Rockwell Automation product vulnerabilities have been used for a new exploit by an APT group that could use it to target critical infrastructure. The post APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure appeared first on

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure Read More »

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies 12/07/2023 at 19:00 By Kevin Townsend Bugcrowd’s Inside the Mind of the Hacker report shows the speed and efficiency of hackers adopting new technologies to assist their hunting The post Inside the Mind of the Hacker: Report Shows

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies Read More »

Hardcoded Accounts Allow Full Takeover of Technicolor Routers

Hardcoded Accounts Allow Full Takeover of Technicolor Routers 12/07/2023 at 19:00 By Ionut Arghire Multiple hardcoded accounts on the Technicolor TG670 DSL gateway router can be used to completely take over the impacted devices. The post Hardcoded Accounts Allow Full Takeover of Technicolor Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Hardcoded Accounts Allow Full Takeover of Technicolor Routers Read More »

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu 12/07/2023 at 15:33 By Ionut Arghire Citrix has patched a critical-severity vulnerability in Secure Access client for Ubuntu that could lead to remote code execution (RCE). The post Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu appeared first on SecurityWeek. This article is

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu Read More »

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution 12/07/2023 at 14:54 By Ionut Arghire Fortinet patches a critical-severity vulnerability in FortiOS and FortiProxy that could lead to remote code execution. The post Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution Read More »

SAP Patches Critical Vulnerability in ECC and S/4HANA Products

SAP Patches Critical Vulnerability in ECC and S/4HANA Products 12/07/2023 at 12:17 By Ionut Arghire SAP on July 2023 Security Patch Day released 16 new security notes, including one addressing a critical vulnerability in ECC and S/4HANA (IS-OIL). The post SAP Patches Critical Vulnerability in ECC and S/4HANA Products appeared first on SecurityWeek. This article

SAP Patches Critical Vulnerability in ECC and S/4HANA Products Read More »

Microsoft Warns of Office Zero-Day Attacks, No Patch Available

Microsoft Warns of Office Zero-Day Attacks, No Patch Available 11/07/2023 at 21:47 By Ryan Naraine Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite. The post Microsoft Warns of Office Zero-Day Attacks, No Patch Available appeared first on SecurityWeek. This article is an excerpt from

Microsoft Warns of Office Zero-Day Attacks, No Patch Available Read More »

Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion

Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion 11/07/2023 at 20:33 By Ryan Naraine Software maker calls special attention to CVE-2023-29300, a deserialization of untrusted data bug with a CVSS severity score of 9.8/10. The post Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion Read More »

Apple Ships Urgent iOS Patch for WebKit Zero-Day

Apple Ships Urgent iOS Patch for WebKit Zero-Day 11/07/2023 at 02:02 By Ryan Naraine Apple rolls out urgent iOS and iPadOS software updates and warned that zero-day exploitation has already been detected. The post Apple Ships Urgent iOS Patch for WebKit Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Apple Ships Urgent iOS Patch for WebKit Zero-Day Read More »

Exploit Code Published for Remote Root Flaw in VMware Logging Software

Exploit Code Published for Remote Root Flaw in VMware Logging Software 10/07/2023 at 23:02 By Ryan Naraine VMware confirmed that exploit code for CVE-2023-20864 has been published, underscoring the urgency for enterprise network admins to apply available patches. The post Exploit Code Published for Remote Root Flaw in VMware Logging Software appeared first on SecurityWeek.

Exploit Code Published for Remote Root Flaw in VMware Logging Software Read More »

Critical Vulnerability Can Allow Takeover of Mastodon Servers

Critical Vulnerability Can Allow Takeover of Mastodon Servers 10/07/2023 at 17:17 By Ionut Arghire A critical vulnerability in the Mastodon social networking platform may allow attackers to take over target servers. The post Critical Vulnerability Can Allow Takeover of Mastodon Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Critical Vulnerability Can Allow Takeover of Mastodon Servers Read More »

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability 10/07/2023 at 17:17 By Ionut Arghire PoC exploit has been published for a recently patched Ubiquiti EdgeRouter vulnerability leading to arbitrary code execution. The post PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability Read More »

After Zero-Day Attacks, MOVEit Turns to Security Service Packs

After Zero-Day Attacks, MOVEit Turns to Security Service Packs 07/07/2023 at 20:31 By Ryan Naraine Facing ransomware zero-days, Progress Software will release regular service packs to help customers mitigate critical security flaws. The post After Zero-Day Attacks, MOVEit Turns to Security Service Packs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

After Zero-Day Attacks, MOVEit Turns to Security Service Packs Read More »

In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques

In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques 07/07/2023 at 18:31 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 3, 2023. The post In Other News: Healthcare Product Flaws, Free Email Security

In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques Read More »

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs 06/07/2023 at 14:46 By Eduard Kovacs A new Linux kernel vulnerability tracked as StackRot and CVE-2023-3269 shows the exploitability of use-after-free-by-RCU (UAFBR) bugs. The post StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs Read More »

Scroll to Top