All posts tagged "vulnerability"
-
Security
/ 2 days agoCISA Adds Two Roundcube Vulnerabilities to Exploited Flaws List
The U.S. cybersecurity and Infrastructure Security Agency (CISA) added two security vulnerabilities affecting Roundcube webmail software to its Known Exploited Vulnerabilities...
-
Security
/ 3 days agoCritical BeyondTrust Flaw Exploited for Web Shells, Data Theft
cybersecurity researchers report that threat actors are actively exploiting a severe vulnerability in BeyondTrust‘s enterprise security software to install backdoors, steal...
-
Security
/ 5 days agoDell RecoverPoint Zero-Day Exploited by Suspected China-Linked Group
A critical vulnerability in Dell’s data replication software has been actively exploited as a zero-day since mid-2024 by a suspected China-nexus...
-
Security
/ 5 days agoCISA Adds Four Actively Exploited Flaws to KEV Catalog
The U.S. cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) catalog on Tuesday, adding four security flaws....
-
Security
/ 7 days agoMajor Password Managers Vulnerable to Recovery Attacks
A recent academic study has identified significant vulnerabilities in several leading cloud-based password management services. The research found that under specific...
-
Security
/ 1 week agoBeyondTrust Vulnerability Actively Exploited by Attackers
Threat actors have begun actively exploiting a critical security vulnerability in BeyondTrust’s Remote Support and Privileged Remote Access software. The cybersecurity...
-
Security
/ 2 weeks agoMicrosoft Patches 59 Flaws, Six Exploited Zero-Days
Microsoft released a substantial set of security updates on Tuesday, addressing a total of 59 newly discovered vulnerabilities in its software...
-
Security
/ 2 weeks agoVulnerable Training Apps Risk Cloud Crypto-Mining Attacks
Security researchers have identified a significant risk where intentionally vulnerable training applications, if improperly deployed in corporate cloud environments, can be...
-
Security
/ 2 weeks agoFortinet Patches Critical SQL Injection Vulnerability in FortiClientEMS
Fortinet has issued critical security updates to address a severe vulnerability in its FortiClient Enterprise Management Server (EMS) software. The flaw,...
-
Security
/ 2 weeks agoSolarWinds Web Help Desk Exploited in Multi-Stage Network Attacks
Microsoft has disclosed that threat actors are actively exploiting internet-exposed instances of SolarWinds Web Help Desk software to gain initial access...
