Some 45,000 Internet-exposed Jenkins servers remain unpatched against a critical, recently disclosed arbitrary file-read vulnerability for which proof-of-exploit code is now publicly available. CVE-2024-23897 affects...
A critical security vulnerability in Cisco Unified Communications and Contact Center Solutions (UC/CC) could allow unauthenticated remote code execution (RCE). The bug (CVE-2024-20253, 9.9 CVSS)...
Two vulnerabilities have been found in NetScaler ADC and NetScaler Gateway, formerly known as Citrix ADC and Citrix Gateway, and are affecting six supported...
A threat actor is targeting a common misconfiguration in Hadoop YARN and Apache Flink to try and drop Monero cryptominers in environments running the...
Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of...
A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents...
A previously undocumented hardware feature within Apple's iPhone System on a Chip (SoC) allows for exploitation of multiple vulnerabilities, eventually letting attackers bypass hardware-based...
Google has issued an urgent update to address a recently discovered vulnerability in Chrome that has been under active exploitation in the wild, marking...
Blockchain firm CertiK recently issued a high-priority warning to users of the OKX Wallet, particularly those using the iOS application. The alert, communicated via...
Attackers are exploiting a 6-year-old Microsoft Office remote code execution (RCE) flaw to deliver spyware, in an email campaign weaponized by malicious Excel attachments...