Security News

A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. ReCAPTCHA is a popular version of the CAPTCHA technology that was acquired by Google in 2009.

A high-severity authentication bypass vulnerability was recently addressed in the Bouncy Castle cryptography library. Synopsys CyRC security researchers revealed this week that an authentication vulnerability they identified in the OpenBSDBcrypt class of the Java cryptography library could be abused to bypass password checks in applications relying on the library.

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

This week, Mattermost, in coordination with Golang has disclosed 3 critical vulnerabilities within Go language's XML parser. The XML round-trip vulnerabilities listed below lurk in Golang's XML language parser encoding/xml which doesn't return reliable results when encoding and decoding XML input.

A domain spoofing email phishing campaign that very convincingly impersonates Microsoft and successfully tricks legacy secure email gateways has recently been spotted by Ironscales. Spoofed the sender's domain to make it look like the email comes from Microsoft.

Threat actors are exploiting legitimate SendGrid mailing service to spoof HMRC phishing emails that bypass spam filters. Email delivery service abused for spoofing HMRC emails.

Challenges organizations face in combating third-party cyber riskA CyberGRX report reveals trends and challenges organizations of all sizes face in combating third-party cyber risk today. cPanel 2FA bypass vulnerability can be exploited through brute forceA two-factor authentication bypass vulnerability affecting the popular cPanel & WHM software suite may allow attackers to access secured accounts, Digital Defense researchers have found.

cPanel last week released patches to address three vulnerabilities in cPanel & WebHost Manager, including one leading to two-factor authentication bypass. With over 20 years of web hosting experience, cPanel claims servers using cPanel & WHM have launched more than 70 million domains.