Adobe Zero-day Vulnerability Reader for Windows has been Exploited in the Wild
Adobe has notified its customers of a critical zero-day vulnerability actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.
According to Adobe, the zero-day vulnerability, tracked as CVE-2021-28550, “has been...
Attackers can Abuse Signed PDF Files to Change Amount and Bank Account Number
A security issue in the certification signatures of PDF documents has been discovered by researchers at Ruhr-University Bochum. The Portable Document Format (PDF) is the defacto standard for document exchange.
PDF signatures are a well-established...
Working PoC Published for Wormable Windows IIS Server Vulnerability tracked as CVE-2021-31166
An analysis and working proof-of-concept were found for a wormable Windows IIS server vulnerability which could have potential code exploitation. Microsoft has tracked this in a patch stated CVE-2021-31166.
What can this Exploitation do?
The flaw...
Apple AirTag has been Hacked by a Researcher Just over a Week After Launch
Apple’s latest gadget, the AirTag, has been hacked for the first time within two weeks of its launch in April 2021. A security researcher has been able to hack the accessory by modifying its...
Cisco High-severity Flaws in Webex, SD-WAN, ASR 5000 Software Let attacker Execute Arbitrary Code
The giant IT Cisco has disclosed multiple vulnerabilities in its products of Webex, SD-WAN, and ASR 5000 software which could let the attackers execute arbitrary code and for the good part, Cisco has released...
Jetpack Plugin With 5 Million Active Installation Suffered A Security Flaw
Jetpack is a plugin suite that combines essential WordPress features into one large plugin. It provides free security, performance, marketing, and website management features.
With Jetpack, you can: Get a safer, stronger site via secure...
100 Million+ Devices Affected With Critical WRECK DNS Implementation Flaws
JSOF team together with Forescout Research Labs, have revealed a set of nine vulnerabilities related to Domain Name System (DNS) implementations, causing either Denial of Service (DoS) or Remote Code Execution (RCE).
This vulnerability set,...
Critical Exchange Server Vulnerabilities let Attackers Execute Remote Code
Microsoft has released security updates for vulnerabilities found in the below versions of Exchange servers on the 13th April 2021 which is depicted as CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483
Exchange Server 2013Exchange Server 2016Exchange Server 2019
Updates...
Critical WhatsApp Flaw Let Attackers Hack the Victim Device Remotely
CENSUS identified two vulnerabilities in the popular WhatsApp messenger app for Android. The first of these was independently reported to Facebook and was found to be patched in recent versions, while the second one was...
Popular Desktop Apps Including Telegram, VLC, Wireshark, & others Affected With 1-click Code Execution...
Popular Desktop Apps Including Telegram, VLC, Libre-/OpenOffice, Wireshark, and others are affected with 1-click code execution vulnerabilities. These desktop applications are often vulnerable to code execution with user interaction.
Let’s further see about code execution vulnerabilities...