A recent report by the U.S. Department of Homeland Security (DHS) notes that, over the past year, the “Hack the DHS” vulnerability bounty program involved more than 450 cybersecurity professionals,Read More →
Cybersecurity specialists report the detection of a series of vulnerabilities in Elcomplus SmartPPT SCADA, an integrated voice and data dispatch software. According to the report, successful exploitation of the flawRead More →
This week, Drupal administrators announced the release of security updates in order to address some security flaws that could lead to access bypass and data overwriting attacks. In its report,Read More →
In a recent report, Google Project Zero pointed out that during 2021 58 zero-day vulnerabilities were reported exploited, a record in the short time that this specialized team has beenRead More →
After receiving a report from ESET researcher Martin Smolár, Lenovo security teams announced the correction of three severe vulnerabilities. Tracked as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, the flaws could be exploitedRead More →
Information security specialists report the detection of a critical vulnerability in Composer, a package management system for programming in PHP that provides the standard formats necessary to handle PHP dependenciesRead More →
Citrix announced the release of security patches for multiple vulnerabilities present in some of its products, including a severe issue in SD-WAN. Tracked as CVE-2022-27505, this flaw was described asRead More →
Those responsible for the NGINX web server released a series of security updates to fix a severe zero-day vulnerability in its Lightweight Directory Access Protocol (LDAP). The NGINX LDAP referenceRead More →
Developers addressed a command injection vulnerability in asciidoctor-include-ext, a popular Ruby library that allows users to parse and convert AsciiDoc files. According to the report, this vulnerability allows remote codeRead More →