An anonymous hacker posted exploit code for a remote code execution vulnerability in version 5 of the popular vBulletin forum software, used on over 100,000 social websites.
Hacker publishes vBulletin zero-day exploit Read More »
Microsoft has released out-of-band patches for Internet Explorer and Microsoft Defender products. The IE zero-day bug is marked critical and is actively exploited in the wild.
Microsoft issues out-of-band patches (Critical IE CVE-2019-1367 exploited in wild) Read More »
Atlassian has issued a security update for Jira Service Desk Server and Jira Service Desk Data Center. The update includes a fix for a critical URL path traversal vulnerability CVE-2019-14994 that could allow information disclosure.
Jira Service Desk critical security update Read More »
A security researcher recently detected a zero-day CSRF vulnerability CVE-2019-12922 in phpMyAdmin 4.9.0.1, which allows the deletion of any server in the Setup page.
phpMyAdmin zero-day vulnerability (CVE-2019-12922) Read More »
VMware issued a security advisory for two vulnerabilities that impact multiple VMware products. The vulnerability severity ranges from a CVSS v3 base score of 4.7 to 8.5.
VMware patches two vulnerabilities in multiple products Read More »
A new ransomware dubbed TFlower has been targeting corporate environments via exposed remote desktop services (RDS).
TFlower ransomware targets companies via exposed RDS Read More »
Cloud security experts from Palo Alto Networks have warned about three critical misconfigurations that are most common in most organizations and have contributed to the majority of cloud attacks.
Top 3 AWS security configuration mistakes Read More »
Google has released a new security update for Chrome browser 77.0.3865.90 for Windows, Mac and Linux. The latest update released on September 18 includes four security fixes. One of the fixes addresses a Critical ‘Use-after-free in UI’ vulnerability CVE-2019-13685, discovered by security researcher Khalil Zhani. In addition, external researchers discovered three other high severity bugs
Chrome security update (77.0.3865.90) Read More »
VMware issued a security advisory for multiple vulnerabilities that impact VMware ESXi and vCenter Server products. The vulnerability severity ranges from a CVSS base score of 4.2 to 7.7.
VMware patches multiple ESXi and vCenter Server vulnerabilities Read More »
LastPass released a new security update that fixes a vulnerability that exposes credentials from a previously visited website. The new version 4.33.0 was released on September 12.
LastPass security update fixes credential leak bug Read More »
