05 Aug 2022

VMWare Urges Users to Patch Critical Authentication Bypass Bug

VMware has urged users to implement a recently released patch as soon as possible to protect against a string of flaws that could lead to an attack chain. Multiple products are reportedly affected by a critical authentication bypass vulnerability that can allow a malicious actor to gain access to a

Read More
04 Aug 2022

Google Patches Critical Android Bluetooth Flaw in August Security Bulletin

On Monday, Google published its monthly security bulletin, releasing the latest available patches for Android devices. In this month’s update, a total of 37 vulnerabilities were patched. One of these patches is a critical security flaw that lies in the System component. If exploited by malicious actors, the flaw could

Read More
30 Jun 2022

New UnRAR Vulnerability Could Lead to Zimbra Webmail Hack

Security researchers have discovered a new flaw located in the UnRAR utility by RARlabs. The flaw can reportedly be exploited to steal emails from Zimbra email accounts and has been allocated a severity score of 7.5 out of 10 on the CVSS scale. Zimbra is an enterprise email solution that

Read More
28 Jun 2022

Chinese Researchers Find Critical Security Flaws in CoDeSys Automation Software

According to an advisory by Chinese cybersecurity firm NSFOCUS, its researchers have detected 11 security vulnerabilities that lie in the CoDeSys automation software that could lead to unauthorized access to company resources or denial-of-service attacks. The researchers claim that the bugs are simple to exploit and can have severe consequences,

Read More
21 Jun 2022

Microsoft Addresses Wi-Fi Hotspots Issues in Latest Update

Microsoft has addressed a known issue that is currently affecting Wi-Fi hotspot features in its systems. The vulnerability has been added to its official Health Dashboard page as of this week after the company discovered that Windows 10 and 11 machines are subject to the bug. It is likely that

Read More
17 Jun 2022

US Researchers Spot New Hertzbleed Flaw Affecting AMD and Intel CPUs

Researchers at the University of Texas have discovered, in collaboration with the University of Washington and the University of Illinois Urbana-Champaign, a new vulnerability that reportedly affects all modern AMD and Intel CPUs. The flaw is being referred to as “Hertzbleed” and is a new group of side-channel attacks. The

Read More
25 May 2022

Zoom patches XMPP vulnerability chain that could lead to remote code execution

Zoom users have been advised to update their software to the latest version, 5.10.0, to fix a number of flaws detected by Google Project Zero researchers. According to the researcher who discovered the holes, Ivan Fratric, user interaction is not required for an attacker to successfully leverage the flaws. The

Read More
16 May 2022

Over 20,000 Zyxel Firewalls Still Exposed to Critical Bug

According to security researchers, over 20,000 Zyxel Firewalls remain vulnerable to critical bug that was patched by the vendor back in April. The flaw lies in the ATP series, VPN series, and USG FLEX series of the firewall product. Security company Rapid7 discovered and disclosed the vulnerability in April of

Read More
04 May 2022

This unpatched DNS bug could put ‘well-known’ IoT devices at risk

IoT security researchers at Nozomi Networks have warned that a popular library for the C programming language is at risk for DNS cache-poisoning attacks. The bug in the library is roughly 10 years old, and could not be fixed by the owners and maintainers of the library. Security researcher Andrea

Read More
15 Apr 2022

Elementor Fixes Critical Bug in Popular WordPress Plugin

Elementor, a popular WordPress plugin, has received a critical update that patches a vulnerability that could be leveraged by attackers to change the appearance of websites. Elementor functions as a website building plugin, enabling users too easily create websites for themselves or their business without having to write code. Elementor

Read More