Americas

Asia

Europe

Oceania

Popular Topics

Topics

About

Policies

Our Network

More

HomeVulnerabilitiesPage 10

Vulnerabilities

Vulnerabilities | News, how-tos, features, reviews, and videos

Filter by
Analysis
BrandPost
Feature
How-To
Interview
News
News Analysis
Opinion
Reviews
Tip
news analysis

New Kubernetes vulnerability allows privilege escalation in Windows

Attackers can abuse YAML configuration files to execute malicious commands in Windows hosts.

13 Mar 2024 6 mins
DevSecOps Application Security Vulnerabilities
news

Magnet Goblin hackers used Ivanti bugs to drop custom Linux malware

NerbianRAT, a remote access malware used by Magnet Goblin, is downloaded on systems initially compromised with critical Ivanti Connect Secure flaws.

11 Mar 2024 3 mins
Malware Zero-day vulnerability
news analysis

VMware patches critical flaws that could allow attackers to escape VMs

Not yet exploited, these flaws could allow malicious code to be placed on host systems from inside a virtual machine.

07 Mar 2024 3 mins
Network Security Vulnerabilities
news

TeamCity supply chain bugs receive massive exploitation

Many TeamCity instances remain unpatched, allowing hackers to generate rogue admin accounts at a massive scale.

07 Mar 2024 3 mins
Bugs Vulnerabilities
news

Apple warns users against critical memory-corrupting attacks

The vulnerabilities have been exploited to bypass kernel memory protections, according to Apple.

06 Mar 2024 2 mins
Vulnerabilities
news

TeamCity hit by critical software supply chain bugs

The bugs can be used to gain administrative control over TeamCity's on-premises service, allowing software supply chain attacks.

05 Mar 2024 3 mins
Vulnerabilities
news analysis

North Korea’s Lazarus deploys rootkit via AppLocker zero-day flaw

The new exploit allowed Windows kernel privilege escalation, indicating increased sophistication from Lazarus APT group.

01 Mar 2024 6 mins
Advanced Persistent Threats Zero-day vulnerability Vulnerabilities
news analysis

International warning: Attackers could gain persistence on Ivanti VPN appliances

Researchers identify methods that could allow attackers to bypass Ivanti integrity checks for recent attacks, perhaps surviving factory resets.

01 Mar 2024 7 mins
Advanced Persistent Threats Critical Infrastructure Vulnerabilities
news

If you are generating SAML signing certificates externally, STOP!

SAML authentication certificates, generated with tools other than dedicated cloud identity solutions, can be forged by hackers, according to a new proof of concept.

01 Mar 2024 5 mins
Authentication Windows Security Vulnerabilities
news analysis

Insecure Apex code plagues many Salesforce deployments

Vulnerabilities created by insecure code could lead to data leakage or corruption, and the burden is on Salesforce customers to mitigate.

23 Feb 2024 5 mins
Data and Information Security Vulnerabilities