vulnerabilities
-
Apache Cassandra Vulnerability Allows Attackers to Gain Access Data Centers
In a recent security advisory, a moderate-severity vulnerability has been identified in Apache Cassandra, potentially allowing unauthorized users to access…
-
Critical IBM Security Directory Vulnerability Enables Session Cookie Theft
-
White House Considers Oracle-Led Takeover of TikTok with U.S. Investors
In a significant development, the Trump administration is reportedly formulating a plan to prevent a nationwide ban on TikTok, involving…
-
Researchers Exploited Windows Charset Conversion Feature to Execute Remote Code
Researchers have exposed a systemic vulnerability within the Windows operating system, leveraging its “Best-Fit” charset conversion feature to bypass security…
-
INE Security Alert: Expediting CMMC 2.0 Compliance – GBHackers Security
-
CISA Releases Six ICS Advisories Details Security Issues
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories addressing vulnerabilities in a range…
-
Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access
In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a colleague unearthed a major security vulnerability…
-
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users.…
-
AI-Powered Static Application Security Testing in the Developer Toolkit
In today’s app dev world, where new apps and millions of lines of code are being deployed every day, the…
-
Researchers Accessed Windows BitLocker Encrypted Files Disassembling the Laptop
Cybersecurity researchers have uncovered a major flaw in the Windows BitLocker encryption system, allowing attackers to access encrypted data without…
-
CISA Warns of Aviatrix Controllers OS Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a significant OS command injection vulnerability in…
-
$40,000 Reward for Escalating Limited Path Traversal to RCE
As a dedicated bug bounty hunter with an enviable track record on BugCrowd, Abdullah Nawaf, a full-time bug bounty hunter, thrives…
-
Hackers Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol
Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured on-premises applications can bypass Group Policy…
-
AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV
Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific versions of its native clients for…
-
AIRASHI Botnet Exploiting 0DAY Vulnerabilities In Large Scale DDoS Attacks
AISURU botnet launched a DDoS attack targeting Black Myth: Wukong distribution platforms in August 2024 that leveraged a 0DAY vulnerability…
-
Apple Announces Information Security Internship For Students
Apple Inc. has officially opened applications for its highly anticipated Information Security Internship, aimed at students eager to dive into…
-
Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability
A widespread campaign is targeting Fortinet FortiGate firewall devices with exposed management interfaces on the public internet. The attacks, observed by…
-
Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details
A critical flaw in Google’s “Sign in with Google” authentication system has left millions of Americans vulnerable to potential data…
-
CISA Launched A Free Guide to Enhance OT Products Security
To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new…