Experts from Trellix Threat Labs have shared research on multiple vulnerabilities in an industrial control system (ICS) used to grant physical access to protected facilities, and integrated into building automationRead More →
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security alert regarding a set of vulnerabilities that would allow malicious hackers to take control of Illumia genetic analysis devices.Read More →
Threat actors could exploit a critical zero-day vulnerability in Windows Search to run remotely hosted malware just by automatically opening a search window with a Word document. According to theRead More →
After a researcher detected a specially crafted Word file to run arbitrary PowerShell on Windows systems, Microsoft confirmed that its operating system is affected by a zero-day vulnerability tracked asRead More →
Cybersecurity specialists published a report detailing the finding of what they describe as a “design flaw” in the Fast Identity Online (FIDO) passwordless authentication system. The report, titled “Provable SecurityRead More →
Maintainers of Argo CD, the continuous delivery (CD) tool for Kubernetes, announced the fix of a vulnerability that would have allowed threat actors to spoof JSON Web Tokens (JWTs) andRead More →
Cisco announced the fixing of a zero-day vulnerability in the software of its XR IOS routers whose exploitation would have allowed unauthenticated threat actors to remotely access Redis instances runningRead More →
In a recent alert, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends VMware users update or even delete their deployments due to the detection of critical vulnerabilities, exploited justRead More →
Rapid7 cybersecurity specialists report that thousands of Zyxel firewalls could be exposed to remote attacks due to a recently detected vulnerability. While the company has already released the corresponding patches,Read More →