⚠️ If you're using the Jetpack plugin, listen up! A critical flaw has been discovered, leaving your WordPress site vulnerable to attacks.
Gigabyte systems have been found with backdoor-like behavior, allowing unsecure Windows executable downloads via UEFI firmware.
Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie Consent Banner with more than 40,000 active installs.
Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were breached exploiting a zero-day vulnerability
CVE-2023-2825 is a path traversal vulnerability that enables an unauthenticated user to read arbitrary files on the server.
Les pirates exploitent activement une faille de sécurité qui touche de nombreux appareils Samsung sous Android 11, 12 et 13. La marque incite les utilisateurs à mettre à jour leurs appareils le plus rapidement possible.
Contribute to vdohney/keepass-password-dumper development by creating an account on GitHub.
Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin
The loader, which was documented by Morphisec last month, is designed to check the system's graphic card to determine if it's running on a virtual machine or in a sandbox environment, and ultimately launch the Aurora information stealer malware.
The campaign, per Malwarebytes, has claimed 585 victims over the past two months, with the threat
A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system.
What is SMBGhost SMBGhost (CVE-2020-0796) is a vulnerability affecting SMB 3.1, and more precisely one of its decompression function. As SMB 3.1 added support for data compression in order to save bandwidth, it added a decompression function presenting an integer overflow resulting in multiple subsequent buffer overflows. Those buffer overflows are exploitable in a way […]
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions.
ollowed by repeatedly spoofing a request to that service with a victim's IP as the source address.
Sophos addressed three vulnerabilities in Sophos Web Appliance, including a critical flaw that can lead to code execution.