Drupal patches Critical third-party library vulnerability (CVE-2021-32610)

Drupal has patched a Critical third-party library vulnerability that affects multiple versions of Drupal Core. A remote attacker could exploit this vulnerability to compromise an affected system.

Continue ReadingDrupal patches Critical third-party library vulnerability (CVE-2021-32610)

U.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity”

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have observed "sophisticated Chinese state-sponsored activity" targeting multiple public and private sectors in the United States.

Continue ReadingU.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity”

Fortinet patches High risk RCE vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer

Fortinet has patched a High risk use-after-free vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer fgfmsd daemon. An attacker could exploit the vulnerability to launch remote code execution (RCE) as root and take control of an impacted system.

Continue ReadingFortinet patches High risk RCE vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer