Security News

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches
2025-03-11 06:45

Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees. The...

Swiss critical sector faces new 24-hour cyberattack reporting rule
2025-03-10 15:47

Switzerland's National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the...

Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
2025-03-06 12:33

Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code...

US charges Chinese hackers linked to critical infrastructure breaches
2025-03-05 17:23

The US Justice Department has charged Chinese state security officers along with APT27 and i-Soon hackers for network breaches and cyberattacks that have targeted victims globally since 2011. [...]

89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals
2025-02-27 13:05

Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business plans, or both. To drive informed decision-making and effective...

Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws
2025-02-21 06:51

PoC exploit code shows why this is a patch priority Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who haven't already...

Critical flaws in Mongoose library expose MongoDB to data thieves, code execution
2025-02-20 14:45

Bugs fixed, updating to the latest version is advisable Security sleuths found two critical vulnerabilities in a third-party library that MongoDB relies on, which means bad guys can potentially...

Juniper patches critical auth bypass in Session Smart routers
2025-02-18 17:07

​Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices. [...]

Critical PostgreSQL bug tied to zero-day attack on US Treasury
2025-02-14 14:19

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to...

Ivanti fixes three critical flaws in Connect Secure & Policy Secure
2025-02-12 17:26

Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three...