CVE/vulnerability
CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks' Expedition tool, which could lead to severe security breaches.The vulnerability,...
CVE/vulnerability
Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information
A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 that...
Cisco
Cisco Flaw Let Attackers Run Command as Root User
A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points.This flaw tracked...
Azure
Azure API Management Vulnerabilities Let Attackers Escalate Privileges
Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and...
Chrome
Google Patches High-Severity Vulnerabilities in Chrome
Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities.The Stable channel has now been updated to version 130.0.6723.116/.117 for Windows...
CVE/vulnerability
Google Patched 40 Security Vulnerabilities Along With Two Zero-Days
Google has released a batch of security updates addressing 40 vulnerabilities, two of which are critical zero-day exploits.As reported in the November 2024...
CVE/vulnerability
A Massive Hacking Toolkit From “You Dun” Threat Group Developed To Lauch Massive Cyber Attack
The "You Dun" hacking group exploited vulnerable Zhiyuan OA software using SQL injection, leveraging tools like WebLogicScan, Vulmap, and Xray for reconnaissance.They further...
CVE/vulnerability
Okta Verify Agent for Windows Flaw Let Attackers Steal User Passwords
A newly discovered vulnerability in Okta's Device Access features for Windows could allow attackers to steal user passwords on compromised devices.The flaw affecting...
CVE/vulnerability
MediaTek High Severity Vulnerabilities Let Attackers Escalate Privileges
In its recent MediaTek Product Security Bulletin, the chipmaker disclosed two high-severity security vulnerabilities that affect multiple devices, including smartphones, tablets, AIoT (Artificial Intelligence...
Chrome
Google Chrome Security, Critical Vulnerabilities Patched
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions of users worldwide.The latest Stable channel update, version...
CVE/vulnerability
SMB Force-Authentication Vulnerability Impacts All OPA Versions For Windows
Open Policy Agent (OPA) recently patched a critical vulnerability that could have exposed NTLM credentials of the OPA server's local user account to remote...