Coursera API Flaws

Broken Object Level Authorization Flaw in Coursera Platform Could Expose Users' Data

The Checkmarx security research team analyzed the security posture of the Coursera platform since “remote everything” became the norm. Access control issues are the most important concern on this platform. The report says the Coursera...
Sage X3 ERP

Critical Security Vulnerabilities in the Sage X3 ERP Platform Let Attackers Take Full Control...

Rapid7 researchers found four security vulnerabilities in the Sage X3 Enterprise Resource Planning (ERP) platform. The first two are protocol-related issues involving remote administration of Sage X3, and the latter two are web...
Windows Print Spooler

Windows Print Spooler RCE Zero-day (CVE-2021-34527) Lets Hackers Take Over The Entire System Remotely

Microsoft has released an emergency update for a remote code execution vulnerability in Windows Print Spooler. The flaw allows a remote authenticated attacker to execute arbitrary code with SYSTEM privileges. By gaining access to the...
QNAP Critical Flaw

QNAP Critical Flaw Lets Attackers Compromise Vulnerable NAS Devices’ Security

QNAP Systems, Inc. has resolved a critical vulnerability that could be exploited by attackers to compromise the security of vulnerable NAS devices. The security advisory published by the company says, “An improper access control vulnerability tracked as...
PrintNightmare bug

PoC Exploit For CVE-2021-1675 Flaw Published Online Lets Attackers Compromise Windows Systems

Proof-of-concept exploit code for the CVE-2021-1675 flaw, the dangerous Windows PrintNightmare bug, was unintentionally leaked. The flaw impacts the Windows Print Spooler service and can allow a total compromise of Windows systems. Earlier this month, Microsoft addressed...
Critical Flaws In The Atlassian Project

Critical Flaws In The Atlassian Project Let Attackers Take Over Control Of Accounts And...

Check Point Research (CPR) revealed critical vulnerabilities in the Atlassian project that allow attackers to take over control of accounts and Atlassian apps through single sign-on (SSO) capability. Atlassian develops products for software developers, project...
VMware Carbon Black

Critical Flaw With VMware Carbon Black App Control Lets Attackers Bypass Authentication

A critical authentication bypass flaw in VMware Carbon Black App Control lets attackers obtain administrative access without any authentication. The vulnerability is tracked as CVE-2021-21998 and has a maximum CVSSv3 base score of 9.4. Carbon...
iPhone bug

Tricky WiFi Hotspot Name Breaks iPhone’s Wireless Functionality

An iPhone bug 'breaks' your WiFi when you use an oddly named network. A new iPhone bug has been identified which crashes your iPhone's wireless functionality when it connects to a specific WiFi hotspot. Findings of the...
Instagram Bug

Instagram Bug Lets Anyone View Archived Posts and Stories of Users' Private Accounts

An Indian hacker, Mayur Fartade from Maharashtra, was able to spot bugs in the Instagram app. This bug allows a malicious user to view targeted media on Instagram. It allowed anyone to view details...
Critical Flaws With Pre-installed Apps

Critical Flaws With Pre-installed Apps on Samsung Devices let Attackers Edit the victim’s Contacts,...

Security bugs were found in the pre-installed apps on Samsung devices. Sergey Toshin, founder of mobile security startup ‘Oversecured’, discovered and reported multiple dangerous vulnerabilities. The critical vulnerabilities have allowed an attacker to access and edit...