More results...
KeePass, a widely used password manager application, is vulnerable to a security flaw that gives the threat actors ability to extract the master password from the memory of the app. This vulnerability poses a significant risk as attackers can retrieve …
The web-based user interface of some Cisco Small Business Series Switches contains multiple vulnerabilities, according to a warning from Cisco. Cisco lists four critical remote code execution flaws with public exploit code. With CVSS base scores of 9.8…
All Apple users have zero-days that need patching, though some have more zero-days than others.
Tam Cymru researchers have recently revealed noteworthy patterns and irregularities from their continuous monitoring of QakBot’s command and control infrastructure. The researchers shared high-level insights into the findings, shedding ligh…
Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches. PoC exploit code is available (but not public), and there is no indication that they are being exploited in the wild. About th…
Get technical details about how the cybercriminals are targeting this vulnerability, who is impacted, and how to detect and protect against this security threat.
The post PaperCut vulnerability abused by several threat actors could impact 70,000 organi…
The cybersecurity researchers at Symantec Threat Labs recently discovered APT hacking group has been utilizing the specialized ‘Merdoor’ backdoor malware to conduct precise and prolonged attacks on the following sectors in South and Southea…
The Insurance industry was the most targeted sector in Q1, 2023, according to Indusface’s State of Application Security report, with 12 times more attacks than any other sector. Another report from the same year reveals that the insurance industry witn…
Based on the recent report from char49, it appears that there was a critical flaw in Ferrari’s subdomain, which led to an arbitrary file read vulnerability. The vulnerability existed in the media.ferrari.com subdomain using a vulnerable WordPress plugi…
Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level. Source: CyberDanube The vulnerabilities Serial device servers are networking devices that “network-en…