JsonWebToken Security Bug Opens Servers to RCE
The JsonWebToken package plays a big role in the authentication and authorization functionality for many applications.
Microsoft shares temporary fix for ODBC database connection issues
Microsoft has released a temporary fix for a known issue impacting Windows apps using ODBC database connections after installing the November 2022 Patch…
Google Home speakers allowed hackers to snoop on conversations
A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely…
Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes
A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes…
Google WordPress Plug-in Bug Allows AWS Metadata Theft
A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and…
Single Sign-on: It’s Only as Good as Your Ability to Use It
Increased federal cybersecurity regulations provide a pivot point for manufacturers to reconsider their access management strategy.
Microsoft: November updates break ODBC database connections
Microsoft is working to address a new known issue affecting apps using ODBC database connections after installing the November 2022 Patch…
Sneaky hackers reverse defense mitigations when detected
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied…
‘Political pawns’: Livid railway workers warn Biden’s union agreement will ‘definitely’ impact next election
The third-largest rail union in America, as well as railroad workers, are looking ahead after President Biden signed into law…
SiriusXM, MyHyundai Car Apps Showcase Next-Gen Car Hacking
A trio of security bugs allow remote attackers to unlock or start the car, operate climate controls, pop the trunk,…