Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart…
Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial…
Microsoft discloses unpatched Office flaw that exposes NTLM hashes
Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. [...]
Transparency in Cybersecurity: The Importance of Accurate Vulnerability Disclosures
Recently, the cybersecurity world has been rattled by a series of critical vulnerabilities discovered in Ivanti Connect Secure VPN software.…
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting…
Exploit released for Cisco SSM bug allowing admin password changes
Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart…
18-year-old security flaw in Firefox and Chrome exploited in attacks
A vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox,…
Balancing the Scales: Addressing Privacy, Security, and Biases in AI based on the White House Blueprint for an AI Bill of Rights
Within the last few weeks, the major AI competitors OpenAI, Google, and Microsoft unveiled several new products and capabilities of…
Ronin Network hacked, $12 million returned by “white hat” hackers
Gambling blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability on the Ronin…
SEC ends probe into MOVEit attacks impacting 95 million people
The SEC concludes its investigation into Progress Software's handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed…
Critical Progress WhatsUp RCE flaw now under active exploitation
Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial…
The API Security Crisis: Why Your Company Could Be Next
You're only as strong as your weakest security link.