Recently, security researchers at the Mimecast Threat Center discovered a new vulnerability in the Microsoft Excel spreadsheet application, which has caused 120 million users to be vulnerable to cyber attacks. The researcher points out...
Charles Holmes, a security researcher at Atredis Partners, discovered a new vulnerability in Kubernetes that could allow an attacker to place a malicious container on a user’s workstation. This vulnerability affects Kubernetes’ kubectl command-line...
Recently, researchers from Check Point Research and CyberInt disclosed a vulnerability from the EA Origin service. Origin is a Steam-like digital distribution platform launched by EA. Since it is the only way to get...
Gatekeeper is a security tool on macOS system designed to ensure that only trusted software to run on the Mac. However, this application authentication feature has a security vulnerability that can be used to...
Dell SupportAssist has again a flaw. Software such as Support Assistant is mainly to help users automatically update drivers or contact technical support. Many manufacturers pre-install this type of software. The software itself has...
The 0-day vulnerability that Firefox just fixed was used to attack Coinbase employees. According to Philip Martin, a member of Coinbase security team, the attacker combination exploited two 0day vulnerabilities, one of which was a...
The Debian project team today released a new security update for Intel microcode firmware to fix the recently disclosed Intel MDS (Microarchitecture Data Sampling) vulnerability. On May 14 this year, Intel disclosed four new...
Recently, security experts from IBM X-Force discovered a remote code execution vulnerability (CVE-2019-7406) in the TP-Link Wi-Fi Extender. The vulnerability could be exploited by an unauthenticated remote attacker by triggering a malformed HTTP request, allowing...
Firefox browser has just pushed a new emergency security update to fix the zero-day vulnerability discovered by Google Project Zero. Mozilla has also confirmed that hackers have begun to exploit this vulnerability in the...
Netflix engineers have discovered multiple TCP network vulnerabilities in the Linux and FreeBSD kernels. Vulnerabilities are related to minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities, the most serious of which is...
Recently, Google disclosed a security vulnerability that has been fixed. This vulnerability is a cross-site scripting attack that can be used to attack Google’s network and impersonate its employees. It is worth noting that...
Microsoft has been convincing old Windows users to install patches as soon as possible to fix a serious RDP vulnerability called “BlueKeep.” After receiving support from the National Security Agency (NSA) earlier this month,...
Recently, KnownSec 404 Team found an in-depth exploit for Oracle Weblogic with similar attack characteristics to CVE-2019-2725. This attack can bypass the latest security patches released by Oracle officially in April. Because there is...
The world-renowned software Evernote is currently found to have serious security vulnerabilities, and the problem is the extension of Evernote on Google Chrome. This vulnerability allows an attacker to build a phishing website and...
Google’s security team has again announced an 0-day vulnerability in Windows 10 that could lead to a denial of service problem on the server. Originally, this vulnerability was discovered and notified to Microsoft three...
On June 11th, Adobe officially released the June security update, which fixes multiple vulnerabilities in Adobe’s various products, including Adobe Flash player, Adobe Campaign and Adobe ColdFusion. Vulnerability Overview: Adobe Flash Player Adobe has...
