Ivanti vulnerabilities now actively exploited in massive numbers
Two vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways are subject to massive exploitation despite an available workaround.
Read moreExploits and vulnerabilities
GitLab warns zero-click vulnerability could lead to account takeovers
GitLab has warned about a critical vulnerability that allows an attacker to change passwords without user interaction.
Read moreJoomla! vulnerability is being actively exploited
A vulnerability in the popular Joomla! CMS has been added to CISA’s known exploited vulnerabilities catalog.
Read moreAct now! Ivanti vulnerabilities are being actively exploited
Several international security agencies are echoing a warning by Ivanti about actively exploited vulnerabilities in its VPN solution.
Read moreInfo-stealers can steal cookies for permanent access to your Google account
Several info-stealers have incorporated an exploit that allows them to gain permanent access to your Google account
Read morePatch now! First patch Tuesday of 2024 is here
Microsoft’s patch Tuesday roundup looks like a relatively quiet one. Unless your organization uses FBX files.
Read moreHow AI hallucinations are making bug hunting harder
People using LLMs for bug bounty hunts are wasting developers’ time argues the lead developer of cURL. And he’s probably right.
Read moreExplained: SMTP smuggling
Researchers have found flaws in the way SMTP servers handle messages, allowing them to send spoofed emails to and from targets.
Read more