Security researchers have discovered a serious vulnerability CVE-2020-1938 in Apache Tomcat. A bad actor could read or include any files in Tomcat webapp directories.
Security researchers have discovered a new vulnerability dubbed Kr00k (or "KrØØk") that impacts devices with Broadcom and Cypress Wi-Fi chips.
Hackers discovered a bug in PayPal's Google Pay integration to perform unauthorized transactions via PayPal accounts.
Google has released security update for Chrome (80.0.3987.122) for Windows, Mac and Linux. The update also patches a zero-day vulnerability CVE-2020-6418 exploited in the wild.
Qualys security researchers have discovered two vulnerabilities in OpenBSD's mail server OpenSMTPD. OpenBSD has provided patches for both vulnerabilities.
Threat actors are abusing Google Docs Forms as part of cyber campaign to steal Office 365 credentials.
Adobe has released security updates for critical vulnerabilities in Adobe After Effects and Media Encoder products.
Google has released Chrome 80.0.3987.116 for Windows, Mac and Linux. The update includes five security fixes.
Cisco has released security updates for multiple products to include IOS, Email Security Appliance, Data Center Network Manager and other products. One of the updates also addresses a critical vulnerability in Cisco's Smart Software Manager On-Prem.
The Cybersecurity and Infrastructure Security Agency (CISA) issued a security alert of a ransomware attack launched against a pipeline operator. In the cyber attack, actors used spear phishing to gain…