An XSS flaw in GitLab allows attackers to take over accounts<gwmw style="display:none;"></gwmw>

2 years ago

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity…

Google fixes eighth actively exploited Chrome zero-day this year, the third in a month

2 years ago

Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google…

CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog

2 years ago

CISA adds Apache Flink improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security…

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

2 years ago

The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks. The use…

Recall feature in Microsoft Copilot+ PCs raises privacy and security concerns

2 years ago

UK data watchdog is investigating Microsoft regarding the new Recall feature in Copilot+ PCs that captures screenshots of the user's…

APT41: The threat of KeyPlug against Italian industries

2 years ago

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an…

Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

2 years ago

Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security…

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years<gwmw style="display: none; background-color: transparent;"></gwmw>

2 years ago

A previously unknown China-linked threat actor dubbed 'Unfading Sea Haze' has been targeting military and government entities since 2018. Bitdefender…

A consumer-grade spyware app found in check-in systems of 3 US hotels

2 years ago

A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US.…

Critical Veeam Backup Enterprise Manager authentication bypass bug

2 years ago

A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked…

This website uses cookies.