vulnerability

New MOVEit Transfer Vulnerability Under Active Exploitation

Jun 26, 2024 by iHash Leave a Comment

Jun 26, 2024NewsroomVulnerability / Data Protection A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following … [Read more...] about New MOVEit Transfer Vulnerability Under Active Exploitation

Google Introduces Project Naptime for AI-Powered Vulnerability Research

Jun 24, 2024 by iHash Leave a Comment

Jun 24, 2024NewsroomVulnerability / Artificial Intelligence Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target codebase," Google … [Read more...] about Google Introduces Project Naptime for AI-Powered Vulnerability Research

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

Jun 20, 2024 by iHash Leave a Comment

Jun 20, 2024NewsroomFirmware Security / Vulnerability Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer … [Read more...] about Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

Jun 8, 2024 by iHash Leave a Comment

Jun 08, 2024NewsroomVulnerability / Programming Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating … [Read more...] about New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

TikTok Zero-Click vulnerability: what to know?

Jun 6, 2024 by iHash Leave a Comment

Do you use TikTok? Do your kids? You can put your hands down, I know that the question was more rhetorical than anything. If you’ve any interest in the network, you’ve probably seen the news sweeping the interwebs over the past week – news that’s come to a head in the last 24-48 hours as of this writing. The popular social network TikTok has acknowledged a security issue that’s … [Read more...] about TikTok Zero-Click vulnerability: what to know?

FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine

May 30, 2024 by iHash Leave a Comment

May 30, 2024NewsroomCyber Attack / Malware Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. "The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to open malicious files via debt-themed … [Read more...] about FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

May 16, 2024 by iHash Leave a Comment

May 16, 2024NewsroomVulnerability / Network Security Researchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic. The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi … [Read more...] about New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

Mar 18, 2024 by iHash Leave a Comment

Mar 18, 2024NewsroomVulnerability / Threat Mitigation Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. "A directory … [Read more...] about Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

Mar 15, 2024 by iHash Leave a Comment

Mar 15, 2024NewsroomHardware Security / Data Protection A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race … [Read more...] about GhostRace – New Data Leak Vulnerability Affects Modern CPUs

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

Feb 27, 2024 by iHash Leave a Comment

Feb 27, 2024NewsroomVulnerability / Website Security A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1. "This plugin suffers from unauthenticated site-wide stored [cross-site … [Read more...] about WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54