Security News

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
2024-08-28 04:14

A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances. The...

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
2024-08-26 18:28

SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash...

SonicWall warns of critical access control flaw in SonicOS
2024-08-26 14:40

SonicWall's SonicOS is vulnerable to a critical access control flaw that could allow attackers to gain access unauthorized access to resources or cause the firewall to crash. [...]

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
2024-08-26 14:33

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The...

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks
2024-08-26 07:45

Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution...

Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)
2024-08-23 10:26

A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the...

SolarWinds left critical hardcoded credentials in its Web Help Desk product
2024-08-22 22:36

Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote,...

Hackers are exploiting critical bug in LiteSpeed Cache plugin
2024-08-22 22:14

Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details...

Ransomware batters critical industries, but takedowns hint at relief
2024-08-22 12:23

Whether attack slowdown continues downward trend is the million dollar question that security researchers can't answer Critical industrial organizations continued to be hammered by ransomware...

Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
2024-08-22 12:19

A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents....