Security News

Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
2024-10-08 16:38

Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in...

CUPS vulnerabilities could be abused for DDoS attacks
2024-10-03 13:10

While the Common UNIX Printing System (CUPS) vulnerabilities recently disclosed by researcher Simone “evilsocket” Margaritelli are not easily exploited for remote command execution on vulnerable...

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
2024-10-02 13:00

A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices....

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE
2024-09-27 10:17

After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX...

The number of Android memory safety vulnerabilities has tumbled, and here’s why
2024-09-26 12:21

Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory safety vulnerabilities, despite old code...

Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68%
2024-09-25 17:00

Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in...

Israel’s Pager Attacks and Supply Chain Vulnerabilities
2024-09-24 11:05

Israel’s brazen attacks on Hezbollah last week, in which hundreds of pagers and two-way radios exploded and killed at least 37 people, graphically illustrated a threat that cybersecurity experts...

CISA urges software devs to weed out XSS vulnerabilities
2024-09-17 16:39

CISA and the FBI urged tech companies to review their software and eliminate cross-site scripting (XSS) vulnerabilities before shipping. [...]

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)
2024-09-11 11:50

Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute...

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities
2024-09-11 06:30

Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief...