Cybersecurity researchers have identified a critical severity vulnerability that lies in the YITH WooCommerce Gift Cards premium WordPress plugin. According to research, the plug is being exploited in …
Over 50 New CVE Numbering Authorities Announced in 2022
In 2022, more than 50 organizations have been added as a CVE Numbering Authority (CNA), raising the total number of CNA organizations to 260 spanning 35 countries. CNAs have the capability to assign …
Continue Reading about Over 50 New CVE Numbering Authorities Announced in 2022
Google shares details of newly found commercial spyware threats
On Wednesday, tech giant Google released details regarding a recently identified exploitation frameworks that it capable of deploying spyware. Google has dubbed the exploits "Heliconia." The exploits …
Continue Reading about Google shares details of newly found commercial spyware threats
Cyber-Threat Group Targets Critical RCE Vulnerability in ‘Bleed You’ Campaign
Security firm Cyfirma has released a new report detailing a critical flaw tracked as CVE-2022-34721 that has been under active attack since at least September of this year. The flaw is being exploited …
Continue Reading about Cyber-Threat Group Targets Critical RCE Vulnerability in ‘Bleed You’ Campaign
Acer Firmware Flaw Lets Attackers Bypass Key Security Feature
Security researchers at ESET have identified a flaw tracked as CVE-2022-4020 impacting the Acer firmware. The flaw impacts five of the company's laptop models and could allow an attacker to disable a …
Continue Reading about Acer Firmware Flaw Lets Attackers Bypass Key Security Feature
Billbug Targets Government Agencies in Multiple Asian Countries
According to security researchers at Symantec, state-sponsored actors operating for the Billbug group, also known as Thrip and Lotus, have attempted to compromise a digital certificate authority in an …
Continue Reading about Billbug Targets Government Agencies in Multiple Asian Countries
Microsoft Patches Six Zero-Day Bugs this Month
During this month's Patch Tuesday, Microsoft released a relatively low number of security updates to fix flaws plaguing its products, however, six of the patches are flaws being actively exploited in …
Continue Reading about Microsoft Patches Six Zero-Day Bugs this Month
GitHub Bug Exposed Repositories to Hijacking
Security researchers have identified a flaw in GitHub that reportedly enables attackers to take control of repositories, thus allowing them to spread malware and infect code. GitHub has fixed the bug …
Continue Reading about GitHub Bug Exposed Repositories to Hijacking
Apple Fixes Actively Exploited iOS and iPadOS Zero-Day Vulnerability
Apple released new updates earlier this week that patch zero-day vulnerabilities in iOS and iPadOS devices. The flaws fixed in the latest updates have reportedly been exploited in the wild by threat …
Continue Reading about Apple Fixes Actively Exploited iOS and iPadOS Zero-Day Vulnerability
Zoom Patches High-Severity Flaw in macOS Client
Zoom released a patch last week that fixes a high-severity flaw in its client for macOS devices. The video messaging platform identified the vulnerability, which is tracked as CVE-2022-28762, as a …
Continue Reading about Zoom Patches High-Severity Flaw in macOS Client