13 Mar 2020

WordPress Plugin Bug Allows Malicious Code Injection on 100K Sites

WordPress is facing more vulnerabilities, this time in its Popup Builder plugin. The flaw allows unauthenticated attackers to inject malicious JavaScript into popups, which can then affect tens of thousands of websites and allow the attacker to steal information and take over targeted sites in the worst-case scenario. The plugin

Read More
12 Mar 2020

Intel Patches High Severity Flaws in Windows Graphics Drivers

Recently, Intel released security updates that patch 27 vulnerabilities as part of the Patch Tuesday, March 2020 edition. Ten of the flaws are classified as high security for their impact on Intel’s Graphics Drivers for Windows and the Smart Sound Technology integrated audio. The security risks outlined in this edition

Read More
06 Feb 2020

Cisco Flaws Put Millions of Workplace Devices at Risk

Researchers at the enterprise security firm Armis have reported a group of new flaws in Cisco enterprise products such as desk phones, web cameras, and network switches. These vulnerabilities could be exploited to compromise corporate networks at a significant level. Cisco currently dominates the network equipment market, therefore, the bugs

Read More
28 Jan 2020

Intel Is Patching the Patch for the Patch for Its ‘Zombieload’ Flaw

Over the past few years, security researchers have found hundreds of vulnerabilities that allow a hacker to trick Intel’s microprocessors into unauthorized data access. As the flaws have been exposed, employees have rushed to release patches for them. However, Intel has failed to patch the underlying problem behind a serious

Read More
27 Jan 2020

MDhex vulnerabilities open GE Healthcare patient monitoring devices to attackers

Six critical and high-risk vulnerabilities have been discovered by researchers in patient monitoring devices manufactured by GE Healthcare. The vulnerabilities, collectively named MDhex, allow an attacker to make changes at the devices’ OS-level that could harm the patient through rendering the device unusable or interfering with its functions. Alarm settings

Read More
08 Jan 2020

TikTok Bugs Put Users’ Videos, Personal Data At Risk

Researchers at Check Point Research have discovered vulnerabilities in the popular video-sharing platform TikTok that allow users to spoof SMS messages and exploit an API flaw that can grand access to users’ personal data. However, ByteDance has since patched these flaws. If left un-updated, intruders could still gain access to

Read More