Category: Information Security
Critical vulnerabilities in Delta Electronics’ Operational Technology (OT) monitoring product could enable hackers to conceal their activities from the staff of the targeted organization. The issue affects a Delta product named InfraSuite Device Master,...
LibreOffice, the popular free and open-source office suite, has recently been patched for two critical vulnerabilities that could put user data at risk. CVE-2023-6185 and CVE-2023-6186 vulnerabilities could allow attackers to gain control of...
In the ever-evolving landscape of cyber threats, the Lazarus Group stands as a formidable name, notorious for its sophisticated attacks and elusive tactics. Recently, Cisco Talos discovered their new campaign, dubbed “Operation Blacksmith,” has...
Attention WordPress users! A critical security vulnerability has been discovered in the Backup Migration plugin, impacting over 90,000 websites. This vulnerability, known as CVE-2023-6553 and rated 9.8/10 in severity, allows attackers to take complete...
The United States National Vulnerability Database (NVD) added Bitcoin to its list on December 9th, highlighting a protocol vulnerability that facilitated the development of the Ordinals Protocol in 2022. This flaw has been assigned...
PyInstaller, a popular tool for packaging Python applications, has been harboring a vulnerability that could allow unprivileged attackers to escalate their privileges and gain control of your system. This vulnerability, identified as CVE-2023-49797 with...
Microsoft has released a critical security update for its Edge browser. This update addresses multiple vulnerabilities that could be exploited by attackers to gain access to your system, steal sensitive information, or even take...
In the shadowy world of cyber espionage, the Kimsuky threat group, believed to be backed by North Korea, stands out for its persistent and evolving tactics. Active since 2013, Kimsuky initially focused on South...
A software engineer from SkySafe, Mark Newlin, discovered a perilous vulnerability in Bluetooth, that existed since around 2012. This flaw enables malefactors to connect to Apple, Android, and Linux devices without authentication and execute...
Apache Struts, the popular open-source framework for building Java web applications, has been hit by a critical vulnerability (CVE-2023-50164) that could allow attackers to remotely execute code on vulnerable servers. This is a serious...
A critical vulnerability discovered in WordPress versions 6.4 and 6.4.1 could allow attackers to execute arbitrary PHP code on your website, potentially leading to complete site takeover. While not directly exploitable on its own,...
curl, a popular tool for transferring data from or to a server, has been found to harbor two vulnerabilities that could expose users to cookie hijacking and HSTS data loss. These vulnerabilities, collectively known...