Security News

Jetpack fixes critical information disclosure flaw existing since 2016
2024-10-14 19:30

WordPress plugin Jetpack released a critical security update earlier today, addressing a vulnerability that allowed a logged-in user to access forms submitted by other visitors to the site. [...]

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware
2024-10-14 08:55

Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been tracking...

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution
2024-10-11 06:29

GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous...

Akira and Fog ransomware now exploit critical Veeam RCE flaw
2024-10-10 22:07

Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers. [...]

GitLab warns of critical arbitrary branch pipeline execution flaw
2024-10-10 15:12

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. [...]

CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
2024-10-10 13:34

Usual three-week window to address significant risks to federal agencies applies The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products...

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems
2024-10-10 12:10

Cybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system...

Mozilla patches critical Firefox vuln that attackers are already exploiting
2024-10-10 11:30

Firefixed: It's maintenance time for low-complexity, high-impact security flaw It's patch time for Firefox fans as Mozilla issues a security advisory for a critical code execution vulnerability in...

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
2024-10-10 05:44

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog,...

CISA says critical Fortinet RCE flaw now exploited in attacks
2024-10-09 22:07

​Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild. [...]