Security News

Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution. The vulnerabilities...

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. [...]

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. [...]

A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication...

Stopping users shooting themselves in the foot with last century's tech Microsoft has twisted the knife into ActiveX once again, setting Microsoft 365 to disable all controls without so much as a prompt.…

Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers. [...]

Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code...

Bugs fixed, updating to the latest version is advisable Security sleuths found two critical vulnerabilities in a third-party library that MongoDB relies on, which means bad guys can potentially...

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code...

Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. [...]