Samsung released an update this week that patches a 0-click vulnerability that impacts all phones sold by the vendor since 2014. Google's Project Zero bug-hunting team discovered the flaw, which lies …
Oracle: Unpatched Versions of WebLogic App Server Under Active Attack
Oracle has stated that although it patched the CVE-2020-2883 vulnerability in its April 2020 Critical Patch Update, a proof of concept exploit was published soon after. The company is now advising …
Continue Reading about Oracle: Unpatched Versions of WebLogic App Server Under Active Attack
Single Malicious GIF Opened Microsoft Teams to Nasty Attack
Microsoft has disclosed that a since-patched flaw allowed an attacker to take over an organization's entire system of Microsoft Teams accounts. The subdomain takeover vulnerability in the company's …
Continue Reading about Single Malicious GIF Opened Microsoft Teams to Nasty Attack
Attackers exploit 0-day code-execution flaw in the Sophos firewall
Sophos systems have been hit by a zero-day attack that was designed to steal usernames, as well as cryptographically protected passwords, and other sensitive data. The security firm stated that it was …
Continue Reading about Attackers exploit 0-day code-execution flaw in the Sophos firewall
New iOS exploit discovered being used to spy on China’s Uyghur minority
Yesterday, a security firm stated that it discovered a new iOS exploit, named Insomnia, that works against iOS 12.3, 12.3.1, and 12.3.2. The security firm, Volexity, also stated that it believes the …
Continue Reading about New iOS exploit discovered being used to spy on China’s Uyghur minority
Over 350,000 Exchange Servers Exposed to Serious RCE Bug
According to Rapid7, over 350,000 Exchange servers across the globe remain exposed to a critical vulnerability patched by Microsoft in February. The vulnerability is actively exploited in the wild, …
Continue Reading about Over 350,000 Exchange Servers Exposed to Serious RCE Bug
Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days
Ryan Pickren, a security researcher, has been awarded $75,000 by Apple for uncovering seven zero-days in Safari, three of which Pickren used to access the camera. The discoveries were shared with …
Continue Reading about Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days
Two Zoom Zero-Day Flaws Uncovered
Patrick Wardle, a security researcher with Jamf, has uncovered two zero-day flaws in the Zoom macOS client version. The telecom and online class platform vulnerabilities have the potential to give …
Sensitive Voter Data Exposed by App Used in US Elections
According to cybersecurity company UpGaurd, sensitive information about US voters was left exposed as a result of a data breach by the application Campaign Sidekick, which functions as a voter contact …
Continue Reading about Sensitive Voter Data Exposed by App Used in US Elections
Critical WordPress Plugin Bug Lets Hackers Turn Users Into Admins
A vulnerability has been found in the WordPress SEO Plugin that allows attackers to give admin privileges to any registered users on sites run by WordPress. This leaves 200,000 sites with active …
Continue Reading about Critical WordPress Plugin Bug Lets Hackers Turn Users Into Admins