Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to...
Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been...
Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands...
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker...
New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. “More than 9,000...
Image Source: JFrog Security Research Patches have been released for two security flaws impacting the Curl data transfer library, the most severe...
The maintainers of the Curl library have released an advisory warning of two security vulnerabilities that are expected to be addressed as...
A high-severity security flaw has been disclosed in N-Able’s Take Control Agent that could be exploited by a local unprivileged attacker to...
A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw...
A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol...
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company’s private code signing keys...
A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software. “The attacker exploited a...
Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security software. “New...
A critical security flaw has been disclosed in Amazon Elastic Container Registry (ECR) Public Gallery that could have been potentially exploited to...
If one word could sum up the 2021 infosecurity year (well, actually three), it would be these: “supply chain attack”. A software...
Unpatched software is a computer code containing known security weaknesses. Unpatched vulnerabilities refer to weaknesses that allow attackers to leverage a known...
Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log...
Severe security flaws uncovered in popular Visual Studio Code extensions could enable attackers to compromise local machines as well as build and...