This week, the Apache Software Foundation issued a new set of patches to address remote code execution (RCE) flaws in Log4j, which could be exploited by threat actors to compromiseRead More →
A cybersecurity specialist reports the detection of a dozen vulnerabilities in myPRO, a product developed by industrial automation firm mySCADA. Among the reported flaws, the expert highlighted an error consideredRead More →
Cybersecurity specialists report the detection of a flaw that would allow threat actors to abuse a set of load optimization features in Google Chrome to evade the Site Isolation feature.Read More →
Exploiting vulnerabilities detected in previous versions of Log4j remains a severe issue, so the cybersecurity community is still looking for the best ways to prevent a cyberattack. However, some usersRead More →
Cybersecurity specialists report the detection of a critical vulnerability in All In One SEO, one of the most popular plugins in WordPress, installed on more than 3 million websites operatedRead More →
In a statement, the U.S. Department of Homeland Security (DHS) announced the launching of “Hack DHS”, a new vulnerability bounty program that will allow the ethical hacking community to discoverRead More →
Cybersecurity specialists report the detection of Manga, a new variant of the Mirai botnet focused especially on the compromise of TP-Link routers using the CVE-2021-41653 vulnerability. The flaw affects TL-WE840NRead More →
Western Digital announced an update to its SanDisk SecureAccess/PrivateAccess product, hoping to address a vulnerability that would allow its users’ data to be accessed through brute force and dictionary attacks.Read More →
Information security specialists reported the finding of two critical vulnerabilities affecting SolarWinds Serv-U. According to the report, successful exploitation of these flaws would allow the deployment of multiple attack scenarios.Read More →