There are patches or remediations for all of them, but they’re still being picked apart. Why should attackers stop if the flaws remain unpatched, as so many do?
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure, at DEF CON.
Researchers preview work to be presented at Black Hat on how AD “misconfiguration debt” lays out a dizzying array of attack paths, such as in PetitPotam.
Two bugs, now patched except in older versions, could be chained to allow attackers to hijack Zimbra server by simply sending a malicious email.
The unpatched flaws include RCE and authenticated privilege escalation on the client-side: Just the latest woe for the ransomware-walloped MSP.
Company urges iPhone, iPad and Mac users to install updates to fix a critical memory corruption flaw that can allow for attackers to take over a system.
Enormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems that control crucial infrastructure.
Microsoft releases mitigations for a Windows NT LAN Manager exploit that forces remote Windows systems to reveal password hashes that can be easily cracked.
Sprechen Sie Rust? Polyglot malware authors are increasingly using obscure programming languages to evade detection.
The software-engineering platform is urging users to patch the critical flaw ASAP.