Vulnerability

Three new vulnerabilities have been discovered in multiple Apple products, including iPhone (iOS), iPadOS, watchOS, Safari, macOS and multiple versions of these products. These vulnerabilities have been confirmed as a Zero-Day by Apple.  In response...

The PaperCutNG Mobility Print 1.0.3512 application has been identified to have a cross-site request forgery vulnerability that leads to sophisticated phishing attacks. This vulnerability exists because the application lacks CSRF defenses such as anti-CSRF tokens, header...

Two vulnerabilities have been identified on three Atos Unify OpenScape products, SBC, Branch, and BCF, which are associated with Missing authentication and Authenticated Remote code execution.  One of the vulnerabilities allows threat actors to execute...

The "Silent Skimmer" is a financially motivated group that has been detected targeting vulnerable online payment infrastructure, such as online businesses and Point of Sales (POS) providers. They are mostly active in the Asia-Pacific (APAC)...

Konni, a North Korean APT group, launched the first attack against the cryptocurrency industry, exploiting a recently found WinRAR vulnerability tagged as CVE-2023-38831. According to the study, Konni's decision to focus on the cryptocurrency market was unusual;...

If you are using Trend Micro Apex One, be aware that there may be a vulnerability in the third-party Antivirus uninstaller module. This vulnerability could potentially allow for arbitrary code execution. While the National Vulnerability...

A high-severity cross-site scripting (XSS) vulnerability tracked as (CVE-2023-29183) affecting several FortiOS and FortiProxy versions has been patched by Fortinet. Additionally, the cybersecurity firm provided updates for a high-severity flaw in FortiWeb, tracked as  (CVE-2023-34984). “A cyber...

In a race against the clock to protect user security, major browser vendors, including Google and Mozilla, have rushed to release critical updates in response to a critical vulnerability discovered in the WebP Codec. This...

Researchers uncover a novel Github vulnerability that might let an attacker exploit a race condition in GitHub's repository creation and username renaming operations. A Repojacking attack may be carried out using this method. Exploiting this issue...

As per recent reports, Kubernetes has been discovered with a remote code execution vulnerability, which could allow a threat actor to execute code on the affected Windows endpoints inside a Kubernetes Cluster with SYSTEM...