TeamViewer Patches High-Severity Vulnerability in Windows Applications

TeamViewer has released patches for a high-severity elevation of privilege vulnerability in its client and host applications for Windows.
The post TeamViewer Patches High-Severity Vulnerability in Windows Applications appeared first on SecurityWeek.
Continue reading TeamViewer Patches High-Severity Vulnerability in Windows Applications

89% of AI-powered APIs rely on insecure authentication mechanisms

APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings, what is clear is that API security is no longer just a technical challenge – i… Continue reading 89% of AI-powered APIs rely on insecure authentication mechanisms

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company Greynoise has warned. Successful exploitation would all… Continue reading Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

LTE, 5G Vulnerabilities Could Cut Entire Cities From Cellular Connectivity

Vulnerabilities in LTE/5G core infrastructure, some remotely exploitable, could lead to persistent denial-of-service to entire cities.
The post LTE, 5G Vulnerabilities Could Cut Entire Cities From Cellular Connectivity appeared first on SecurityWeek.
Continue reading LTE, 5G Vulnerabilities Could Cut Entire Cities From Cellular Connectivity

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The warning came last week from Bishop Fox r… Continue reading 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)