#security-vulnerabilities

from The Cyber Express
1 week ago

Multer Vulnerabilities Expose Node.js Apps To DoS Attacks

The high-severity vulnerabilities in Multer allow attackers to cause a Denial of Service (DoS) by sending malformed multi-part upload requests, crashing Node.js applications.
Node JS
Tech industry
from The Register
2 weeks ago

Intel data-leaking Spectre defenses scared off once again

ETH Zurich researchers developed a method to bypass Intel's protections against Spectre vulnerabilities, highlighting ongoing security concerns.
#cybersecurity
Information security
from The Hacker News
3 months ago

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Xerox VersaLink printers have serious security vulnerabilities that can lead to credential theft.
The vulnerabilities can allow attackers to redirect authentication information to rogue servers.
Effective exploitation of these vulnerabilities requires specific conditions, including access to MFP configuration and user address books.
Information security
from The Register
1 month ago

CISA warns of new malware targeting Ivanti flaw

Ivanti products face a new malware threat called Resurge, exploiting a critical vulnerability. Immediate action is required to protect systems.
Information security
from The Hacker News
7 months ago

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Multiple vulnerabilities in MMS protocol can severely impact industrial environments, allowing potential crashes and remote code execution.
from ZDNET
1 month ago
Apple

Update your iPhone now to patch a CarPlay glitch and two serious security flaws

Artificial intelligence
from InfoQ
3 weeks ago

Meta Launches AutoPatchBench to Evaluate LLM Agents on Security Fixes

AutoPatchBench evaluates LLM agents' ability to autonomously patch security vulnerabilities in C/C++ code.
from InfoQ
1 month ago

Spring News Roundup: RCs of Spring Boot, Data, Security, Auth, Session, Integration, Web Services

The first release candidate of Spring Boot 3.5.0 introduces significant bug fixes, dependency upgrades, and new annotations to enhance servlet and filter registration.
Web frameworks
#data-protection
Information security
from DevOps.com
4 months ago

The State of Application Risk: Key Findings Reveal Widespread Security Vulnerabilities - DevOps.com

Enterprise software development environments are critically vulnerable, as all organizations face high security risks.
Traditional application security approaches are ineffective against modern threats, leaving organizations exposed.
London startup
from Developer Tech News
1 month ago

Security flaws hit PyTorch Lightning deep learning framework

PyTorch Lightning has critical security flaws due to deserialisation vulnerabilities, potentially allowing arbitrary code execution from untrusted model files.
Gadgets
from www.theguardian.com
1 month ago

Hyundai facing legal action over car that can be stolen 'effortlessly in seconds'

Hyundai is facing lawsuits for not warning customers about easy thefts of its electric cars.
Roam Research
from Security Magazine
2 months ago

27,000 records in Australian fintech database were exposed

An exposed Amazon S3 database for Vroom by YouX contained sensitive records, highlighting severe security risks associated with unprotected data.
#linux
from ITPro
2 months ago
Privacy technologies

Qualys discovers three bypasses of Ubuntu's unprivileged user namespace restrictions

#kubernetes
Privacy technologies
from TechRepublic
2 months ago

Billions of Devices at Risk of Hacking Due to Hidden Commands

Undocumented commands in the ESP32 Bluetooth chip pose serious security risks, enabling potential impersonation and memory manipulation.
Web development
from Smashing Magazine
3 months ago

How OWASP Helps You Secure Your Full-Stack Web Applications - Smashing Magazine

The OWASP vulnerabilities list is essential for web developers to establish security measures against common threats.
from The Register
4 months ago

MediaTek says 'Happy New Year' with critical RCE, other bugs

MediaTek disclosed a critical remote code execution vulnerability affecting 51 chipsets, which could lead to serious security risks if exploited.
Information security
from TechCrunch
7 months ago

Socket lands a fresh $40M to scan software for security flaws | TechCrunch

The software supply chain is currently at high risk, particularly with outdated open-source components leading to security vulnerabilities.