Microsoft’s security researchers have uncovered a critical vulnerability in macOS. It enables hackers with root privileges to bypass System Integrity Protection (SIP). By exploiting…
vulnerability
Microsoft fixes three actively exploited Windows vulnerabilities.
Three zero-day vulnerabilities are included in Microsoft’s Patch Tuesday collection for February 2023. Not exactly the Valentine’s Day that we had in mind. If…
A Xalan-J vulnerability could lead to arbitrary code execution
Different SAML implementations make use of open-source initiatives. Researchers caution that a flaw in the Apache project Xalan-J used by numerous SAML implementations leads…
Systems Using RTLS Are Susceptible To MITM Attacks And Location Manipulation
Multiple UWB RTLS (real-time locating systems) vulnerabilities have been found by security researchers, giving threat actors the ability to conduct man-in-the-middle attacks and modify…
Update Zoom For Mac Right Away To Prevent The Root-Access Flaw
It’s time for a manual update if you use Zoom on a Mac. The most recent version to the video conferencing software closes a…
The Issue Of Cloud Isolation Is That Several Cloud Companies Are Impacted By PostgreSQL Flaws
How PostgreSQL-as-a-Service solutions from GCP, Azure, and other providers were found to have numerous connected vulnerabilities. The cloud has an isolation problem Tenant isolation…
Samba-Critical Vulnerability Let Attackers Gain Remote Code Execution
A Virtual File System of Samba was found to be vulnerable to Remote Code Execution. Versions before 4.13.17 were vulnerable to this vulnerability. Samba…
Zimbra issues hotfix for XSS vulnerability under active exploitation
Attackers have targeted mailboxes in multiple waves across two attack phases. Business email platform Zimbra has released a hotfix for a cross-site scripting (XSS)…
SSRF flaws created in multiple apps via Google Drive integration errors
Execution flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a mixture of applications, a security researcher has disclosed. This included…
Log4j vulnerability targets SolarWinds, ZyXEL devices
SolarWinds and ZyXEL devices are being attacked by cybercriminals who are searching for Log4jShell vulnerability aka log4j vulnerability. The devices are known to contain…