Collaborate Disseminate
Only a few hours after the Drupal team releases latest updates to fix a new remote code execution flaw in its content management system software, hackers have already started exploiting the vulnerability in the wild.
Announced yesterday, the newly dis… Continue reading Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack
Hackers have started exploiting a recently disclosed critical vulnerability in Drupal shortly after the public release of working exploit code.
Two weeks ago, Drupal security team discovered a highly critical remote code execution vulnerability, dubbe… Continue reading Hackers Have Started Exploiting Drupal RCE Exploit Released Yesterday
The Apache Tomcat team has recently patched several security vulnerabilities in Apache Tomcat, one of which could allow an unauthorised attacker to execute malicious code on affected servers remotely.
Apache Tomcat, developed by the Apache Software Fo… Continue reading Apache Tomcat Patches Important Remote Code Execution Flaw
A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines.
Samba is open-source software (re-implementation of S… Continue reading 7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely
Internet-of-Things devices are turning every industry into the computer industry, making customers think that their lives would be much easier with smart devices.
There are, of course, some really good reasons to connect certain devices to the Interne… Continue reading Internet-Connected Medical Washer-Disinfector Found Vulnerable to Hacking
It’s been over a week since Wikileaks promised to hand over more information on hacking tools and tactics of the Central Intelligence Agency (CIA) to the affected tech companies, following a leak of a roughly 8,761 documents that Wikileaks claimed belo… Continue reading WikiLeaks Won’t Disclose CIA Exploits To Companies Until Certain Demands Are Met
It’s been over a week since Wikileaks promised to hand over more information on hacking tools and tactics of the Central Intelligence Agency (CIA) to the affected tech companies, following a leak of a roughly 8,761 documents that Wikileaks claimed belo… Continue reading WikiLeaks Won’t Disclose CIA Exploits To Companies Until Certain Demands Are Met
Security researchers have discovered a chip flaw that could nullify hacking protections for millions of devices regardless of their operating system or application running on them, and the worse — the flaw can not be entirely fixed with any mere software update.
The vulnerability resides in the way the memory management unit (MMU), a component of many CPUs, works and leads to bypass the
Continue reading A Simple JavaScript Exploit Bypasses ASLR Protection On 22 CPU Architectures
Again bad news for consumers with Netgear routers: Netgear routers hit by another serious security vulnerability, but this time more than two dozens router models are affected.
Security researchers from Trustwave are warning of a new authentication vu… Continue reading Check If Your Netgear Router is also Vulnerable to this Password Bypass Flaw
Update: A hacker yesterday claimed to have hacked the FBI’s website running on Plone CMS, but it seems it wasn’t hacked using any zero-day vulnerability in Plone. We contacted Plone security team and updated this story (see below) with official stateme… Continue reading Update — Hacker Claims to Have Hacked the FBI, But It Wasn’t