Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models

Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models

Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating Read more…

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. “These vulnerabilities are found in various WordPress plugins and are prone to unauthenticated stored cross-site Read more…

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed. “Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and vulnerabilities, making them a lucrative and highly effective target Read more…

CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now

CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now

CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2014-100005 – A cross-site Read more…

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution. “These vulnerabilities include critical flaws that permit remote code execution and unauthorized Read more…

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system. The three flaws, all critical in nature, allow an “adversary with sufficient access to perform a sandbox escape and obtain Read more…

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity ArcaneDoor, attributed it as the handiwork of a previously undocumented sophisticated state-sponsored actor Read more…

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 Read more…