Security News

Juniper patches critical auth bypass in Session Smart routers
2025-02-18 17:07

​Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices. [...]

Critical PostgreSQL bug tied to zero-day attack on US Treasury
2025-02-14 14:19

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to...

Ivanti fixes three critical flaws in Connect Secure & Policy Secure
2025-02-12 17:26

Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three...

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now
2025-02-12 05:57

Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve...

Don't Overlook These 6 Critical Okta Security Configurations
2025-02-10 11:00

Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point,...

Federal judge tightens DOGE leash over critical Treasury payment system access
2025-02-06 20:40

Lawsuit: 'Scale of intrusion into individuals' privacy is massive and unprecedented' Elon Musk's Department of Government Efficiency has had its access to US Treasury payment systems restricted -...

Critical RCE bug in Microsoft Outlook now exploited in attacks
2025-02-06 18:17

CISA warned U.S. federal agencies on Thursday to secure their systems against ongoing attacks targeting a critical Microsoft Outlook remote code execution (RCE) vulnerability. [...]

Critical Cisco ISE bug can let attackers run commands as root
2025-02-06 16:40

Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root. [...]

Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc
2025-02-06 07:40

Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on...

Netgear fixes critical bugs as Five Eyes warn about break-ins at the edge
2025-02-05 16:27

International security squads all focus on stopping baddies busting in through routers, IoT kit etc Netgear is advising customers to upgrade their firmware after it patched two critical...