#security vulnerability


SolarWinds left hardcoded credentials in helpdesk product

SolarWinds' Web Help Desk had a critical security flaw due to hardcoded credentials, necessitating an immediate update for users.

Doomsday 9.9 unauthenticated RCE bug affects all Linux

A critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.

Thousands of PAN-OS devices compromised by critical exploits

Palo Alto Networks firewalls were compromised due to two security bugs, allowing attackers to deploy backdoors and malware.

Canada Prepares for Immigration Surge After Trump Vows Mass Deportation

The U.S.-Canada border may become a significant migration flashpoint due to Trump's deportation policies.

Insurance website's buggy API leaked Office 365 password

Toyota Tsusho Insurance Broker India (TTIBI) exposed over 650,000 Microsoft-hosted emails due to a misconfigured server.
The company failed to change the password of the affected account even after the vulnerability was disclosed five months ago.

Microsoft patches rollback flaw in Windows 10

A critical flaw in Windows Update allows attackers to roll back security patches, potentially exposing systems to known vulnerabilities. The flaw affects certain Windows 10 versions.


Widespread Windows and Linux Vulnerabilities Could Let Attackers Sneak in Malicious Code Before Boot

Lenovo, AMI, and Insyde have released patches for LogoFAIL, a security vulnerability that affects almost all Windows and Linux computers.
LogoFAIL allows attackers to remotely execute code by replacing an image or logo during the device boot-up process.

CISA finally removes dud vulnerability from must-patch list

CISA has removed a security vulnerability (CVE-2022-28958) from its Known Exploited Vulnerability catalog after it was found to be a fake vulnerability.
The vulnerability was thought to be a critical remote code execution flaw but had no impact on the systems it targeted.