Here you will find all the articles with the tag: vulnerability.
Cybercriminals are spreading malware-linked URLs of ostensibly Microsoft repositories through the comments of GitHub projects. The method of malware distribution is very dangerous and persistent. According to research, cybercriminals are actively trying to spread malware through URLs posted in t... Read more
2 days ago
What does a bug bounty program look like, and what does it deliver? We talk to Visma about its usefulness for security professionals and the ultimate benefit for the user of the software. "With the bug bounty program, we have extra eyes looking at our products," explains Chief Information Securi... Read more
2 days ago
Attacks on Windows Defender and Kaspersky EDR allow remote file deletion. Even after patches, hackers can still exploit these tools' vulnerabilities. In a presentation at Black Hat Asia, security firm SafeBreach revealed that Windows Defender and Kaspersky EDR are vulnerable to remote-access att... Read more
3 days ago
For seven months, attackers had free reign to wreak havoc inside the AI infrastructure of major tech companies. An exploitation of vulnerability CVE-2023-48022 in the widely used open-source Ray framework has led to manipulated models, stolen hardware cycles and compromised data. Its developer Anys... Read more
28 days ago
Figures from Google show that last year there were 97 actively exploited zero-day vulnerabilities. In 2022, the number was still 62 vulnerabilities. With this, the upward trend has returned. A year ago, the figures still showed a positive trend downward. According to Google data, the year 2021 m... Read more
29 days ago
The FBI and the U.S. Cybersecurity and Infrastructure Agency (CISA) argue that SQL injections should be a thing of the past. Despite developers' knowledge for two decades of how to prevent this type of attack, it continues to cause widespread exploits. SQL injections insert malicious code into S... Read more
1 month ago
Fortinet is warning users of the Fortinet FortiClient Enterprise Management Server (EMS) about the active misuse of a critical vulnerability in the product. The vulnerability allows hackers to run code through the system without having physical access to the device. The vulnerability was reporte... Read more
1 month ago
A new CPU vulnerability affects all known computer architectures. The so-called GhostRace exploit makes it possible to steal data from the system memory of PCs with chips from Intel, AMD, Arm and IBM. VUSec, the Systems & Network Security Group at the Dutch university VU Amsterdam, shares a ... Read more
1 month ago
Two critical vulnerabilities in WordPress plugins from miniOrange will never receive a patch. More than 10,000 websites use the Malware Scanner plugin to detect attackers. However, the tool itself is exploitable by malicious actors. The vulnerability in Malware Scanner was found by WordPress res... Read more
1 month ago
Microsoft addressed two critical vulnerabilities in the virtualization software Hyper-V during this month's Patch Tuesday update. The company said exploits of both vulnerabilities are not likely, but patching is important. The vulnerabilities in question are CVE-2024-21407 and CVE-2024-21408. Th... Read more
1 month ago
