Security News

GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials

2024-01-17 07:41

GitHub has revealed that it has rotated some keys in response to a security vulnerability that could be potentially exploited to gain access to credentials within a production container. The...

#credential #github #vulnerability

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

2024-01-17 02:20

Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds...

#chrome #update #vulnerability #zeroday #CVE-2024-0519

Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers

2024-01-15 17:36

Attackers targeting vulnerable self-managed GitLab instances could use a specially crafted HTTP request to send a password reset email to an attacker-controlled, unverified email address. Users with 2FA enabled aren't vulnerable to account takeover, unless the attacker also had control of the 2FA authenticator, but a password reset could still be achieved.

#2FA #critical #gitlab #patch #takeover #vulnerability #CVE-2023-6955 #CVE-2023-2030

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

2024-01-15 07:45

Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor Web in January 2023, the...

#vulnerability #wordpress

Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

2024-01-13 10:45

Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated...

#critical #firewall #juniper #RCE #vulnerability #CVE-2024-21591

GitLab warns of critical zero-click account hijacking vulnerability

2024-01-12 17:54

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The most critical security issue GitLab patched has the maximum severity score and is being tracked as CVE-2023-7028.

#critical #gitlab #hijacking #vulnerability #CVE-2023-4812 #CVE-2023-6955 #CVE-2023-7028

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

2024-01-12 06:35

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV)...

#cisa #exploitation #microsoft #sharepoint #vulnerability #CVE-2023-29357

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

2024-01-11 14:16

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to...

#apache #ERP #exploit #POC #vulnerability #CVE-2023-51467

Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software

2024-01-11 04:55

Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked...

#cisco #vulnerability #CVE-2024-20272

Criminal IP and Tenable Partner for Swift Vulnerability Detection

2024-01-09 15:02

The key feature of this technical alliance lies in streamlining the essential data and information of IP addresses provided by the Criminal IP search engine to Tenable Vulnerability Management. Integrating Criminal IP with Tenable Vulnerability Management will equip users with the comprehensive feature of Criminal IP for detecting IP assets.

#criminal #swift #tenable #vulnerability

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News