Category Archives: Vulnerabilities
Workaround For One-Click 0Day Vulnerability Follina
Microsoft announced its workaround for a zero-day vulnerability that has already been used by hackers. A threat actor already has exploited the vulnerability to target organizations in Russia and Tibet, researchers said. This vulnerability was identified back in April and … Read the rest
Synology And QNAP Critical Netatalk Vulnerability
Synology and QNAP has warned its customers that it has found serious vulnerabilities in its NAS devices. The flaws, which exist in its network-attached storage (NAS) appliances, could allow attackers to gain remote access to vulnerable systems, modify data or … Read the rest
Vulnerability in Spring Java framework called Spring4Shell
Spring4Shell CVE-2022-22965, a critical vulnerability has been found in Spring, an open source programming framework for the Java platform. It could allow hackers to take control of your system. Details about the vulnerability were leaked to the public before the … Read the rest
OpenSSL Infinite Loop Vulnerability
The US National Security Agency (NSA) officials have recently discovered a vulnerability in the OpenSSL cryptographic library. This vulnerability can be used to conduct denial-of-service attacks and can be easily weaponized by its potential attackers.
OpenSSL is a popular cryptography … Read the rest
APC Smart UPS Zero Day Vulnerability
Three critical Zero Day vulnerabilities have been uncovered in popular uninterruptible power supply APC-SMART UPS devices. They could be exploited and used to bring down infrastructure and even cause physical harm. A malicious actor could exploit these flaws and cause … Read the rest
5 Critical VMware ESXi Vulnerabilities
It has been alerted; five security vulnerabilities could lead to major potential issues for VMware ESXi customers. This includes command execution and DoS. VMware has issued a critical security update to patch its ESXi customers. Exploitation of these vulnerabilities could … Read the rest
Hackers Exploiting Cisco RV VPN Routers
Security researchers have found critical vulnerabilities in Cisco Small Business RV VPN routers. The bugs could allow attackers to take control of the router with root privileges, get access to customer data, and conduct DDOS attacks.
Why are they even … Read the rest
New UEFI Bootkit called MoonBounce
Researchers have discovered a sophisticated new type of malware that targets UEFI and its called MoonBounce. The Bootkit or also known as rootkit malware is suspected to be associated with (advanced persistent threat 41). APT41 is a group of hackers … Read the rest
SSRF Vulnerability In VMware Authentication
Researchers have found that VMware has a server-side request forgery (SSRF) vulnerability could allow an attacker to obtain administrative JSON Web Tokens (JWT) in versions of the VMware authentication software.
This serious security vulnerability was found in a popular service … Read the rest
Microsoft Warns Log4j Flaw Attacks Remain High
Microsoft has warned that Windows and Azure customers should be on high alert after spotting state-sponsored and cyber-criminal hackers probing systems for a flaw in the Log4j. Microsoft says it spotted attackers using the Log4j flaw through December.
The Apache … Read the rest
Loading ...