Security News

In a short tweet today, exploit broker Zerodium said that it is looking to acquire zero-day exploits for vulnerabilities in three popular virtual private network service providers on the market. Zerodium's current interest is in vulnerabilities affecting Windows clients for NordVPN, ExpressVPN, and SurfShark VPN services.

Microsoft has patched a security feature bypass vulnerability impacting Surface Pro 3 tablets, enabling threat actors to introduce malicious devices within enterprise environments. Device Health Attestation is a cloud and on-premises service that validates TPM and PCR logs for endpoints and informs Mobile Device Management solutions if Secure Boot, BitLocker, and Early Launch Antimalware are enabled, Trusted Boot is correctly signed, and more.

Vulnerabilities in the Brizy Page Builder plugin for WordPress sites could be chained together to allow attackers to completely take over a website, according to researchers. The two fresh bugs can both be chained with the re-introduced access control vulnerability to allow complete site takeover, researchers explained.

Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild. "A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root," the open-source project maintainers noted in an advisory published Tuesday.

The venerable Apache web server has just been updated to fix a dangerous remote code execution bug. This bug is already both widely-known and trivial to exploit, with examples now circulating freely on Twitter, and a single, innocent-looking web request aimed at your server could be enough for an attacker to take it over completely.

" Guess what? iOS 12 wasn't dead, it was just resting. Researchers rediscover an Outlook data leakage issue.

A working exploit for the critical CVE-2021-22005 remote-code execution vulnerability in VMware vCenter is now fully public and is being exploited in the wild. "This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server," said Bob Plankers, Technical Marketing Architect at VMware, when VMware announced the vulnerability on Tuesday.

A complete exploit for the remote code execution vulnerability in VMware vCenter tracked as CVE-2021-22005 is now widely available, and threat actors are taking advantage of it. On Monday, exploit writer wvu released an unredacted exploit for CVE-2021-22005 that works against endpoints with the Customer Experience Improvement Program component enabled, which is the default state.

Exploit code that could be used to achieve remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 is currently spreading online. Publicly disclosed earlier this week when VMware also addressed it, the bug comes with a critical severity rating of 9.8 and a strong recommendation to install the available patch.

Proof-of-concept exploit code for three iOS zero-day vulnerabilities was published on GitHub after Apple delayed patching and failed to credit the researcher.The researcher who found the four zero-days reported them to Apple between March 10 and May 4.