TikTok ‘Invisible Body Challenge’ Hijacked To Spread Malware
TikTok’s ‘Invisible Challenge’ to trick users into downloading the W4SP Stealer malware. With over a million views on such videos, threat actors managed to steal and add more than 30,000…
Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher. More detail https://lists.apache.org/thread/2f126y32bf1v3mvxkdgt2jr5j3l1t01w
The Android banking Trojan Vultur has reached a total of more than 100,000 downloads on the Google Play Store, says a new advisory from cybersecurity experts at Cleafy. The dropper hides…
Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view,…
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of…
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 through 6.2.3, and 7.0.0 through 7.0.2. This may allow…
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to…
Financial service providers, such as banks and credit card companies, use a vast amount of APIs, which makes them an attractive target for threat actors. That’s why API security is…
Microsoft has fixed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB. Microsoft says that the missing authentication checks issue was introduced in August. Researchers from Orca reported…
Numerous news sites across the US are serving up malware, according to Proofpoint Threat Research. The issue appears to be a supply chain attack: the attackers targeted a content and…