Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites

A critical vulnerability in the LiteSpeed Cache WordPress plugin can allow attackers to hack websites by creating an admin user.
The post Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites appeared first on SecurityWeek.

Memory corruption vulnerabilities in Suricata and FreeRDP

While pentesting KasperskyOS-based Thin Client and IoT Secure Gateway, we found several vulnerabilities in the Suricata and FreeRDP open-source projects. We shared details on these vulnerabilities with the community along with our fuzzer.

Critical Authentication Flaw Haunts GitHub Enterprise Server

GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users.
The post Critical Authentication Flaw Haunts GitHub Enterprise Server appeared first on SecurityWeek.

Why LinkedIn Developed Its Own AI-Powered Security Platform

An inside look at how LinkedIn developed an internal AI-assisted vulnerability management system to protect its massive infrastructure and user base.
The post Why LinkedIn Developed Its Own AI-Powered Security Platform appeared first on SecurityWeek.

Exploits and vulnerabilities in Q2 2024

The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q2 2024.

Major Backdoor in Millions of RFID Cards Allows Instant Cloning

Backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms around the world.
The post Major Backdoor in Millions of RFID Cards Allows Inst…

Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover

A critical vulnerability in the GiveWP WordPress plugin could be exploited for remote code execution and arbitrary file deletion.
The post Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover appeared first on SecurityWeek.