Exploiting vulnerabilities detected in previous versions of Log4j remains a severe issue, so the cybersecurity community is still looking for the best ways to prevent a cyberattack. However, some usersRead More →
A new Rowhammer attack variant on DRAM devices would allow threat actors to evade the security measures implemented by the manufacturers of these devices after the appearance of the firstRead More →
A security report notes that Command-Option-Argument (coa), the popular npm library, has been infiltrated with a malicious backdoor code, which could have severe consequences worldwide. This library is downloaded aboutRead More →
Ethical hacking is a field in constant evolution, so it is necessary that researchers are always informed about the latest trends in terms of tactics, hacking groups and security tools.Read More →
On Thursday, the security researcher known as Illusion of Chaos revealed multiple details about three zero-day vulnerabilities in iOS, ensuring that Apple received reports about these flaws for months andRead More →
The developers of Travis CI, a DevOps continuous integration and continuous delivery (CI/CD) platform, recently issued a statement acknowledging the detection of a security issue, although they downplayed it. InRead More →
Through a GitHub repository, cybersecurity specialist Nguyen The Duc published the proof-of-concept (PoC) exploit code to achieve a successful exploitation of the newly identified zero-day vulnerability in Ghostscript servers. AccordingRead More →
Multiple reports were released this week about PrintNightmare, a critical vulnerability residing in the Windows systems print service tracked as CVE-2021-1675. Apparently the company was unable to fix this flawRead More →
It is nothing new that source code repositories are used to host sensitive information of an organization such as access credentials, personal data, among other records, which can be attractiveRead More →