Simple Payroll System 1.0 SQL Injection
Authored by Yash Mahajan Simple Payroll System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication…
Alchemy CMS 6.0.0 Arbitrary File Upload
Authored by Abdulrahman Alchemy CMS versions 2.x through 6.0.0 suffers from an arbitrary file upload vulnerability. Change Mirror Download #…
Keycloak 12.0.1 Server-Side Request Forgery
Authored by Mayank Deshmukh Keycloak version 12.0.1 suffers from a blind server-side request forgery vulnerability. advisories | CVE-2020-10770 Change Mirror…
Apache HTTP Server 2.4.50 Path Traversal / Code Execution
Authored by Lucas Souza Apache HTTP Server version 2.4.50 suffers from path traversal and code execution vulnerabilities. advisories | CVE-2021-42013…
Olympus US was forced to take down computer systems due to cyberattack
Olympus US was forced to take down IT systems in the American region (U.S., Canada, and Latin America) […] The…
How Coinbase Phishers Steal One-Time Passwords
A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete…
Microsoft Fixes Zero-Day Flaw in Win32 Driver
A previously known threat actor is using the flaw in a broad cyber-espionage campaign, security vendor warns.
Patch Tuesday, October 2021 Edition
Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including…
Why Choke-Point Analysis Is Essential in Active Directory Security
Defense should focus on high-value choke points first to ensure that their most critical assets are protected, before moving on…
WordPress Pie Register 3.7.1.4 Privilege Escalation
Authored by Lotfi13-DZ WordPress Pie Register plugin versions 3.7.1.4 and below suffer from a privilege escalation vulnerability. Change Mirror Download…