vulnerability
Microsoft released seven advisories, three are critical
December’s Patch Tuesday brings us seven advisories, three of which are listed as Critical. Depending on how you want to count it, we see a total of 24 or 25 CVEs …
Info of millions of AliExpress customers could have been harvested due to site flaw
A programming flaw in the code of popular online marketplace AliExpress, which connects small Chinese businesses with international buyers and has over 7.7 million registered …
30+ bugs found in Google App Engine
Adam Gowdiak, CEO of Polish firm Security Explorations, has announced that his team of researchers have discovered over 30 serious security issues in the Java security sandbox …
VPN providers urged to update OpenVPN due to critical DoS bug
The OpenVPN Project has issued a new version of its popular open source software of the same name and is urging users to implement it, as it solves a critical denial of …
Siemens pushes out emergency SCADA updates
Siemens has released an out-of-band update for the SIMANTIC WinCC SCADA system, which is integrated in its PCS7 distributed control system and its TIA Portal, engineering …
Adobe urges users to implement critical out-of-band Flash Player update
For the second time in a month, Adobe has issued a security update for Flash Player. This out-of-band update finally fixes a critical vulnerability that could be misused by …
New Docker version solves critical bugs, update immediately
If you’re using Docker, the open source platform for building, shipping and running distributed applications on almost any platform, be sure to update to the latest …
Millions of WordPress websites in danger due to easily exploitable bug
A new WordPress version has been released, and you better update to it, as it patches a critical cross-site scripting flaw that can be exploited by attackers to compromise …
Hikvision DVRs sporting bugs that allow device hijacking
A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining …
Default ATM passcodes still exploited by crooks
Once again, ATMs have been “hacked” by individuals taking advantage of default, factory-set passcodes. This time the passcode hasn’t been guessed, or ended …
Latest Microsoft patches crucial for all Windows users
Microsoft has closed a great many flaws, including a 0-day abused by the Sandworm team, in November’s Patch Tuesday. But there is another vulnerability that you should …
SAP finally patches critical, remotely exploitable bugs in GRC solution
More than a year and a half after they have been reported to SAP AG, the company has issued a patch for a number of critical exploitable security vulnerabilities in its …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?