In its latest update, the Open Web Application Security Project (OWASP) announced the inclusion of three new categories to its list of top security risks that could put all kindsRead More →
VMware released a critical security alert to address various vulnerabilities found in Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. AccordingRead More →
A report by cloud security firm Orca Security points to the detection of a set of zero-day vulnerabilities in various Amazon AWS Cloud deployments. The successful exploitation of these errorsRead More →
HCL Digital Experience (DX), a platform for creating and managing web platforms, is affected by multiple vulnerabilities that could lead to remote code execution (RCE) scenarios, the researchers claim. AlthoughRead More →
In a security report, VMware notified its customers of the fix of some server-side request forgery (SSRF) and arbitrary file reading vulnerabilities in vCenter Server. According to the report, theRead More →
Specialists from the security firm Claroty reported the detection of multiple code execution vulnerabilities in various virtual private network (VPN) products dependent on OpenVPN. In total, 4 flaws were detectedRead More →
A hacking group is exploiting Microsoft Exchange servers exposed to the ProxyShell vulnerability in order to install a backdoor and deploy subsequent attacks. As you may recall, ProxyShell is aRead More →
Cybersecurity specialists reported the finding of two critical vulnerabilities in PHP, a general-purpose programming language specially adapted for web development. According to the report, successful exploitation of these flaws wouldRead More →
Experts report that a flaw in Open Distro, a software package that includes Kibana and Elasticsearch, was affected by a vulnerability that allowed threat actors to gain unauthorized access toRead More →