Joomla XSS Bugs Open Millions of Websites to RCE
Improper content filtering in a core function allows multiple paths to exploitation for CVE-2024-21726.
Zoom patches critical privilege elevation flaw in Windows apps
The Zoom desktop and VDI clients and the Meeting SDK for Windows are vulnerable to an improper input validation flaw…
Right back to where we started from
Senate foot-dragging on a bill for birder security and foreign aid allowed gave conservative opponents the opportunity to keep it…
Critical Cisco bug exposes Expressway gateways to CSRF attacks
Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing…
Forget Deepfakes or Phishing: Prompt Injection is GenAI’s Biggest Problem
With prompt injection, AI puts new spin on an old security problem
Effective Incident Response Relies on Internal and External Partnerships
Dark Reading research finds increased collaboration between security incident responders and groups within the HR, legal, and communications functions.
PixieFail flaws impact PXE network boot in enterprise systems
A set of nine vulnerabilities, collectively called 'PixieFail,' impact the IPv6 network protocol stack of Tianocore's EDK II, the open-source…
No Labels reaches out to Chris Christie regarding a potential third party, bipartisan presidential ticket
The centrist group No Labels is trying to reach out and speak with former New Jersey Gov. Chris Christie about…
My bold prediction for 2024: Chaos
Here we are in a shiny new year, and it is time for policy analysts and others to make their…
Steam game mod breached to push password-stealing malware
Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push…