Security News
Drupal released a point update for its core engine to patch a critical access bypass vulnerability.
Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the sdclt.exe backup and restore utility to execute a payload without triggering an alert.
A proof of concept bypass of Google's CAPTCHA verification system uses Google's own web-based tools to pull off the skirting of the system.
Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.