![Magento](https://img.helpnetsecurity.com/wp-content/uploads/2018/09/09100304/magento-400x200.jpg)
Magento sites under attack through easily exploitable SQLi flaw
A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t …
![WinRar](https://img.helpnetsecurity.com/wp-content/uploads/2019/02/09095152/winrar-400x200.jpg)
500 million WinRAR users open to compromise via a 19-year-old flaw
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE …
![Allen-Bradley PowerMonitor 1000](https://img.helpnetsecurity.com/wp-content/uploads/2019/02/09095207/powermonitor1000-400x200.jpg)
Rockwell Automation industrial energy meter vulnerable to public exploits
A low-skilled, remote attacker could use publicly available exploits to gain access to and mess with a power monitor by Rockwell Automation that is used by energy companies …
![Linux](https://img.helpnetsecurity.com/wp-content/uploads/2017/06/09103831/linux-400x200.jpg)
Snapd flaw gives attackers root access on Linux systems
A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus …
![LibreOffice](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111701/libreoffice-400x200.jpg)
Malicious macros can trigger RCE in LibreOffice, OpenOffice
Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and …
![802 Secure](https://img.helpnetsecurity.com/wp-content/uploads/2018/05/09101039/iot-risks-802secure-400x200.jpg)
The problem with vulnerable IoT companion apps
There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many …
![Windows](https://img.helpnetsecurity.com/wp-content/uploads/2017/03/09104734/windows-400x200.jpg)
Researcher releases PoC for Windows VCF file RCE vulnerability
A vulnerability that exists in the way Windows processes VCard files (.vcf) can be exploited by remote attackers to execute arbitrary code on vulnerable systems, …
![](https://img.helpnetsecurity.com/wp-content/uploads/2018/10/09095925/botnet-400x200.jpg)
Serverless botnets could soon become reality
We have been accustomed to thinking about botnets as a network of compromised machines – personal devices, IoT devices, servers – waiting for their masters’ …
![arrows](https://img.helpnetsecurity.com/wp-content/uploads/2018/05/09101159/arrows-400x200.jpg)
PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited …
![Windows](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100327/windows-400x200.jpg)
Windows zero-day flaw and PoC unveiled via Twitter
A Windows zero-day local privilege escalation flaw and a Proof-of-Concept exploit for it were revealed on Monday by someone who goes by SandboxEscaper on Twitter. The …
![Apache Struts](https://img.helpnetsecurity.com/wp-content/uploads/2017/03/09104837/apache-struts-400x200.jpg)
PoC exploit for critical Apache Struts flaw found online
The Apache Software Foundation revealed last week the existence of a critical Apache Struts flaw (CVE-2018-11776) similar to the one exploited in the Equifax breach and urged …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2018/06/09100704/cisco-400x200.jpg)
Cisco ASA and Firepower flaw exploited in the wild
A high-severity vulnerability affecting Cisco ASA and Firepower security appliances is being exploited in the wild after an exploit was released online on Friday. …