EHA
Adobe zero-day Vulnerability

Adobe Zero-day Vulnerability Reader for Windows has been Exploited in the Wild

Adobe has notified its customers of a critical zero-day vulnerability actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software. According to Adobe, the zero-day vulnerability, tracked as CVE-2021-28550, “has been...
Attackers Abuse Signed PDF Files

Attackers can Abuse Signed PDF Files to Change Amount and Bank Account Number

A security issue in the certification signatures of PDF documents has been discovered by researchers at Ruhr-University Bochum. The Portable Document Format (PDF) is the defacto standard for document exchange. PDF signatures are a well-established...
Wormable IIS flaw

Working PoC Published for Wormable Windows IIS Server Vulnerability tracked as CVE-2021-31166

An analysis and working proof-of-concept were found for a wormable Windows IIS server vulnerability which could have potential code exploitation. Microsoft has tracked this in a patch stated CVE-2021-31166. What can this Exploitation do? The flaw...
Apple AirTag

Apple AirTag has been Hacked by a Researcher Just over a Week After Launch

Apple’s latest gadget, the AirTag, has been hacked for the first time within two weeks of its launch in April 2021. A security researcher has been able to hack the accessory by modifying its...
Cisco High-severity Flaws

Cisco High-severity Flaws in Webex, SD-WAN, ASR 5000 Software Let attacker Execute Arbitrary Code

The giant IT Cisco has disclosed multiple vulnerabilities in its products of Webex, SD-WAN, and ASR 5000 software which could let the attackers execute arbitrary code and for the good part, Cisco has released...
Jetpack Security Flaw

Jetpack Plugin With 5 Million Active Installation Suffered A Security Flaw

Jetpack is a plugin suite that combines essential WordPress features into one large plugin. It provides free security, performance, marketing, and website management features. With Jetpack, you can: Get a safer, stronger site via secure...
WRECK DNS

100 Million+ Devices Affected With Critical WRECK DNS Implementation Flaws

JSOF team together with Forescout Research Labs, have revealed a set of nine vulnerabilities related to Domain Name System (DNS) implementations, causing either Denial of Service (DoS) or Remote Code Execution (RCE). This vulnerability set,...
Exchange Server Vulnerabilities

Critical Exchange Server Vulnerabilities let Attackers Execute Remote Code

Microsoft has released security updates for vulnerabilities found in the below versions of Exchange servers on the 13th April 2021 which is depicted as CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483 Exchange Server 2013Exchange Server 2016Exchange Server 2019 Updates...
Critical WhatsApp Flaw

Critical WhatsApp Flaw Let Attackers Hack the Victim Device Remotely

CENSUS identified two vulnerabilities in the popular WhatsApp messenger app for Android. The first of these was independently reported to Facebook and was found to be patched in recent versions, while the second one was...
Popular Desktop App Flaws

Popular Desktop Apps Including Telegram, VLC, Wireshark, & others Affected With 1-click Code Execution...

Popular Desktop Apps Including Telegram, VLC, Libre-/OpenOffice, Wireshark, and others are affected with 1-click code execution vulnerabilities. These desktop applications are often vulnerable to code execution with user interaction. Let’s further see about code execution vulnerabilities...

Managed WAF

Website

Latest News