Collaborate Disseminate
A high-severity flaw allows remote, unauthenticated attackers to potentially gain administrative privileges for Cisco small business switches. Continue reading Cisco Warns of High-Severity Bug in Small Business Switch Lineup
The release of a PoC for the Windows flaw known as “SMBGhost” could set off cyberattack waves, CISA warned. Continue reading SMBGhost RCE Exploit Threatens Corporate Networks
Researchers warn of critical flaws in SAP’s Sybase Adaptive Server Enterprise software. Continue reading Critical SAP ASE Flaws Allow Complete Control of Databases
The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the “Uncover” jailbreak tool released last week. Continue reading Apple Jailbreak Zero-Day Gets a Patch
Apple has fixed a critical flaw in its Sign in with Apple feature, which could have been abused by attackers to takeover victims’ third-party applications. Continue reading Apple Pays $100K Bounty for Critical ‘Sign in With Apple’ Flaw
a malicious app installed on a device can hide behind legitimate apps. Continue reading StrandHogg 2.0 Critical Bug Allows Android App Hijacking
A GitLab path traversal flaw could allow attackers to read arbitrary files and remotely execute code. Continue reading Critical GitLab Flaw Earns Bounty Hunter $20K
Legions of website visitors could be infected with drive-by malware, among other issues, thanks to a CSRF bug in Real-Time Search and Replace. Continue reading WordPress Plugin Bug Opens 100K Websites to Compromise
Cisco stomped out a critical vulnerability in its IP Phone web server that could enable remote code execution by an unauthenticated attacker. Continue reading Cisco IP Phone Harbors Critical RCE Flaw
Novel hack allows an attacker to create a mouse-over in a PowerPoint file that triggers the installation of malware. Continue reading PowerPoint ‘Weakness’ Opens Door to Malicious Mouse-Over Attack