Collaborate Disseminate
Vulnerabilities identified in TP-Link and NetComm router models could be exploited to achieve remote code execution (RCE).
Two security defects were identified in TP-Link WR710N-V1-151022 and Archer-C5-V2-160201 SOHO (small office/home office) routers,… Continue reading Remote Code Execution Vulnerabilities Found in TP-Link, NetComm Routers
Vulnerabilities found in GE’s Proficy Historian product could be exploited by hackers for espionage and to cause damage and disruption in industrial environments.
read more Continue reading Hackers Can Exploit GE Historian Vulnerabilities for ICS Espionage, Disruption
Nissan North America is informing roughly 18,000 customers that their personal information was exposed in a data breach at a third-party services provider.
The breach occurred after data provided by Nissan to the services provider was inadvertently exp… Continue reading 18k Nissan Customers Affected by Data Breach at Third-Party Software Developer
Norway-based industrial risk management and assurance solutions provider DNV said a recent ransomware attack on its ship management software impacted 1,000 vessels.
read more Continue reading Ransomware Attack on DNV Ship Management Software Impacts 1,000 Vessels
Oracle on Tuesday announced the release of its first Critical Patch Update for 2023, which includes 327 new security patches. More than 70 fixes address critical-severity vulnerabilities.
Over 200 of the patches resolve security defects that can be exp… Continue reading Oracle’s First Security Update for 2023 Includes 327 New Patches
Fortinet warns of three new malicious PyPI packages containing code designed to fetch the Wacatac trojan and information stealer as a next stage payload.
read more Continue reading PyPI Users Targeted With ‘Wacatac’ Trojan in New Supply Chain Attack
Cloud security company Orca has published details on four server-side request forgery (SSRF) vulnerabilities impacting different Azure services, including two bugs that could have been exploited without authentication.
read more Continue reading Azure Services SSRF Vulnerabilities Exposed Internal Endpoints, Sensitive Data
A GitHub Codespaces feature meant to help with code development and collaboration can be abused for malware delivery, Trend Micro reports.
read more Continue reading Attackers Can Abuse GitHub Codespaces for Malware Delivery
When the Supreme Court last June stripped away constitutional protections for abortion, concerns grew over the use of period tracking apps because they aren’t protected by federal privacy laws.
read more Continue reading Bill Would Force Period Tracking Apps to Follow Privacy Laws
Avast and Bitdefender have released decryptors to help victims of BianLian and MegaCortex ransomware recover their data for free.
Written in Golang, BianLian emerged in August 2022 and has been used in targeted attacks against entertainment, healthcare… Continue reading Free Decryptors Released for BianLian, MegaCortex Ransomware