Sophos has addressed a critical vulnerability, tracked as CVE-2022-1040, in its Sophos Firewall that allows remote code execution (RCE). Sophos has fixed an authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. The CVE-2022-1040 flaw received a CVSS score of 9.8 and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier. […]
Zoho urges customers to address an authentication bypass vulnerability in its ManageEngine ADSelfService Plus that is actively exploited in the wild. Zoho has released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus. The company also warns the vulnerability is already exploited in attacks in the wild. […]
Sucuri revealed that cyber criminals are attempting to hijack online shops based on Magento platform by exploiting a recently disclosed critical flaw. According to the security experts at Sucuri firm, within 24 hours after the disclosure of the vulnerability in Magento platform, bad actors are already attempting to hack e-commerce websites using it. The experts traced back the attacks […]