Microsoft’s security researchers have uncovered a critical vulnerability in macOS. It enables hackers with root privileges to bypass System Integrity Protection (SIP). By exploiting…
Vulnerability
Cross-Site Scripting
Ongoing XSS Attacks Targeting WordPress
An ongoing series of attacks is currently targeting a vulnerability known as Unauthenticated Stored Cross-Site Scripting (XSS) in a popular WordPress cookie consent plugin…
WiFi Protocol Flaw
WiFi Protocol Flaw: Security Flaw Allows Hijacking of Network Traffic
A cybersecurity researchers have recently discovered a critical Wifi protocol flaw in the design of the IEEE 802.11 WiFi protocol standard. This vulnerability allows…
cyberattack
Attack using “blink and you’ll miss it” on smart lights
Major aspects of our everyday life have gradually shifted to some degree of Internet access over the past couple of years. Smartphones and other…
RCE vulnerability
Zyxel NAS Devices Have a Critical RCE Vulnerability; A Firmware Patch Has Been Released
Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage (NAS) devices. Zyxel NAS Devices Have a Critical…
General
Automate the binary vulnerability disclosure with Ghidra and Semgrep
The following tools can be used to automate processes involving vulnerability finding using static analysis methods: A straight forward Ghidra script named Rhabdomancer finds…
General
Zyxel releases patches for 4 Flaws
Zyxel has rolled out patches for four security flaws plaguing its firewall, AP Controller, and AP products. The flaw can be exploited to carry…
General
Google’s OAuth client library for Java had a major flaw
Last month Google patched a severe flaw in its OAuth client library for Java; the actors can exploit the flaw by using a compromised…
General
Vmware Horizon servers continue to be exploited through log4j vulnerability
Attackers continue to target VMware Horizon servers, which many organizations use to securely access enterprise apps for remote workers. Attackers are exploiting the critical…
General
Botnet Malware jeopardises over 2,00,000 Mikro Tik routers
Mikro Tik’s vulnerable routers have been used in one of the largest botnet-as-a-service cybercrime, according to cybersecurity researchers. Avast published a new piece of…