A Virtual File System of Samba was found to be vulnerable to Remote Code Execution. Versions before 4.13.17 were vulnerable to this vulnerability. Samba…
Vulnerable WordPress
Cross site scripting
Zimbra issues hotfix for XSS vulnerability under active exploitation
Attackers have targeted mailboxes in multiple waves across two attack phases. Business email platform Zimbra has released a hotfix for a cross-site scripting (XSS)…
Cybersecurity
SSRF flaws created in multiple apps via Google Drive integration errors
Execution flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a mixture of applications, a security researcher has disclosed. This included…
Cybersecurity
Log4j vulnerability targets SolarWinds, ZyXEL devices
SolarWinds and ZyXEL devices are being attacked by cybercriminals who are searching for Log4jShell vulnerability aka log4j vulnerability. The devices are known to contain…
apache
Log4j news -Log4j patch releases by Apache
Log4j news – On 28th December 2021, another vulnerability affecting the Log4j logging library was discovered. The vulnerability is labelled CVE-2021-44832. The vulnerability CVE-2021-44832…
Cybersecurity
Log4j vulnerability, risks emanating from it
Already existing codes and codes created from scratch Earlier, an author of software wrote each code from scratch for the software, but things have…
Bug Bounty
Facebook extends its bug bounty program
Meta Platforms, formerly known as Facebook, has announced that it’s scaling up its bug bounty program. The bug bounty program will start rewarding genuine…
Chrome
Chrome patch for zero-day Vulnerability
Google released a patch for 5 vulnerabilities found in Chrome. One of the vulnerabilities was being exploited in the wild, and it was altogether…
Cybercrime
MANGA Exploiting TP-Link Vulnerability
The MANGA(aka Dark Mirai) botnet operators’ exploitation of a vulnerability in the TP-Link TL-WR4840N EU V5 has come to light. The vulnerability allows hackers…
attackers
VMware releases patches for two flaws
VMware released updates to plug two loopholes in vCenter Server and Cloud Foundation that can be exploited to obtain sensitive information. The acute vulnerability…