This week, Drupal administrators announced the release of security updates in order to address some security flaws that could lead to access bypass and data overwriting attacks. In its report,Read More →
A flaw has been reported in the Modbus preprocessor of the Snort detection engine whose exploitation could lead to severe hacking scenarios. Snort is a free network intrusion detection systemRead More →
In a joint report, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department are warning blockchain/cryptocurrency users and organizations about anRead More →
In a recent report, Google Project Zero pointed out that during 2021 58 zero-day vulnerabilities were reported exploited, a record in the short time that this specialized team has beenRead More →
After receiving a report from ESET researcher Martin Smolár, Lenovo security teams announced the correction of three severe vulnerabilities. Tracked as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, the flaws could be exploitedRead More →
Information security specialists report the detection of a critical vulnerability in Composer, a package management system for programming in PHP that provides the standard formats necessary to handle PHP dependenciesRead More →
Citrix announced the release of security patches for multiple vulnerabilities present in some of its products, including a severe issue in SD-WAN. Tracked as CVE-2022-27505, this flaw was described asRead More →
Those responsible for the NGINX web server released a series of security updates to fix a severe zero-day vulnerability in its Lightweight Directory Access Protocol (LDAP). The NGINX LDAP referenceRead More →
Developers addressed a command injection vulnerability in asciidoctor-include-ext, a popular Ruby library that allows users to parse and convert AsciiDoc files. According to the report, this vulnerability allows remote codeRead More →