Patrick Wardle, a security researcher with Jamf, has uncovered two zero-day flaws in the Zoom macOS client version. The telecom and online class platform vulnerabilities have the potential to give …
Sensitive Voter Data Exposed by App Used in US Elections
According to cybersecurity company UpGaurd, sensitive information about US voters was left exposed as a result of a data breach by the application Campaign Sidekick, which functions as a voter contact …
Continue Reading about Sensitive Voter Data Exposed by App Used in US Elections
Critical WordPress Plugin Bug Lets Hackers Turn Users Into Admins
A vulnerability has been found in the WordPress SEO Plugin that allows attackers to give admin privileges to any registered users on sites run by WordPress. This leaves 200,000 sites with active …
Continue Reading about Critical WordPress Plugin Bug Lets Hackers Turn Users Into Admins
All 4G Networks Susceptible to DoS Attacks
A new vulnerability has been uncovered by Positive Technologies, a security firm, in all 4G and some 5G telecommunications networks that exposes a weakness in the diameter signaling protocol. This …
Continue Reading about All 4G Networks Susceptible to DoS Attacks
Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign
APT41, a Chinese threat group that is responsible for dozens of destructive cyberattacks, has been exploiting vulnerabilities in Citrix NetScaler/ADC, Cisco routers and Zoho ManageEngine Desktop …
Continue Reading about Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign
WordPress Plugin Bug Allows Malicious Code Injection on 100K Sites
WordPress is facing more vulnerabilities, this time in its Popup Builder plugin. The flaw allows unauthenticated attackers to inject malicious JavaScript into popups, which can then affect tens of …
Continue Reading about WordPress Plugin Bug Allows Malicious Code Injection on 100K Sites
Critical Zoho Zero-Day Flaw Disclosed
The IT help desk ManageEngine software made by Zoho Corp has been compromised by a zero-day vulnerability that enables unauthenticated access to systems, allowing a remote attacker to launch attacks. …
Continue Reading about Critical Zoho Zero-Day Flaw Disclosed
Zoho zero-day published on Twitter
Yesterday, security researchers reported a zero-day vulnerability in a Zoho enterprise product. The zero-day impacts the Zoho ManageEngine Desktop Central, an endpoint management solution. Android …
MediaTek Bug Actively Exploited, Affects Millions of Android Devices
This week, Google addressed a high severity flaw that exists in MediaTek's Command Queue driver. The bug has already been used to build malicious apps that compromise Andriod devices by gaining root …
Continue Reading about MediaTek Bug Actively Exploited, Affects Millions of Android Devices
Walgreens says mobile app leaked users’ personal data
Walgreen, a US pharmacy chain stated on Friday that it had been the victim of a data breach that exposed the personal detail of some of its mobile app users. The mobile app contained a bug that …
Continue Reading about Walgreens says mobile app leaked users’ personal data