EHA
Microsoft Edge Vulnerability Let Attackers Execute Malicious Code

Microsoft Edge Vulnerability Let Attackers Execute Malicious Code

Three new vulnerabilities have been discovered in Microsoft Edge (Chromium-based) associated with Remote Code execution and Spoofing. The CVEs of these vulnerabilities have been assigned as CVE-2023-36022, CVE-2023-36029, and CVE-2023-36034. The severity of these vulnerabilities...
Novel Supply Chain Attack

Researchers Hacked into Microsoft, Apple, more in Novel Supply Chain Attack

Ethical hacker, Alex Birsan, has demonstrated that it is possible to breach the systems of tech giants by utilizing a novel supply chain attack by exploiting public, open-source developer tools. These tech companies include...
LiteSpeed Cache Plugin XSS Flaw Exposes 4+ Million Sites to Attack

LiteSpeed Cache Plugin XSS Flaw Exposes 4M+ Million Sites to Attack

A critical vulnerability has been discovered in the LiteSpeed Cache plugin, a popular WordPress plugin installed on over 4 million websites. This flaw, identified as a stored Cross-Site Scripting (XSS) vulnerability, poses a significant...
133,000+ Vulnerable FortiOS/FortiProxy Instances : Exploitation Started

133,000+ Vulnerable FortiOS/FortiProxy Instances : Exploitation Started

A critical security vulnerability has been identified in Fortinet's FortiOS and FortiProxy, potentially affecting over 133,000 devices worldwide. The flaw, tracked as CVE-2024-21762, is an out-of-bounds write vulnerability that could allow a remote, unauthenticated attacker...
Samsung Issued Patches for Multiple Critical Security Flaws

Samsung Issued Patches for Multiple Critical Security Flaws

Samsung Mobile has issued fixes to address several security flaws discovered in Galaxy phones and tablets. In the September 2023 security patch, 62 bugs were fixed; Google provided 27 of these fixes, and Samsung issued 35...
Pwn2Own 2023 Toronto

TP-Link, HP Printer, Samsung Galaxy S23 Hacked At Pwn2Own 2023 – Day Two

At Pwn2Own 2023 in Toronto on day two, vulnerabilities in printers, routers, smart speakers, and Samsung Galaxy S23s were exploited by cybersecurity experts. These vendors included TP-Link, HP, Cannon, Synology, and Sonos.  Cybersecurity experts have...
VMware Fixes Critical Flaw

VMware Fixes Critical Flaw that Let Attackers Steal Admin Credentials

VMware security teams announced the release of security patches to fix a severe flaw in vRealize Operations whose exploit would allow threat actors to steal administrator credentials on vulnerable servers. vRealize Operations is an AI-powered...
Hackers are Selling Exploits for Foxit Read: Patch ASAP!

Hackers are Selling Exploits for Foxit Reader: Patch ASAP!

A threat actor has announced the sale of an exploit targeting a vulnerability in Foxit Reader, a widely used PDF viewer. This vulnerability could potentially allow remote code execution, posing a significant risk to...
ChatGPT for Vulnerability Detection – Prompts Used and their Responses

ChatGPT for Vulnerability Detection – Prompts Used and their Responses

Software vulnerabilities are essentially errors in code that malicious actors can exploit. Advanced language models such as CodeBERT, GraphCodeBERT, and CodeT5 can detect these vulnerabilities, provide detailed analysis assessments, and even recommend patches to...
iOS Zero-Day

Warning! Apple Fixes Actively Exploited iOS Zero-Day on iPhones & iPads

In an effort to ensure the safety and security of its customers, Apple has taken the necessary steps to address a potentially dangerous vulnerability that has been marked as "Zero-Day" by releasing updates for...

Managed WAF

Website

Latest News