#BHUSA: Security Risks to Boom in the Era of Widespread Generative AI Adoption
The security and privacy concerns around the use of generative AI today could be just the tip of a forming...
UK Government Slammed For Encryption Mistruths
The technology secretary has drawn the ire of encryption experts by repeating false claims and half-truths about the Online Safety...
Researchers Suggest Ways to Tackle Thermal Attacks
Researchers at Glasgow University have identified 15 ways users and manufacturers could reduce the risk of thermal attacks to boost...
CISA: New Whirlpool Backdoor Used in Barracuda ESG Campaign
Security researchers have discovered a third novel backdoor that was used in attacks on users of Barracuda ESG appliances recently.The...
Lapsus$ Hacker Group Exposed in Latest CSRB Report
The US Cyber Safety Review Board (CSRB) has issued a comprehensive report shedding light on the operations of the notorious...
DroxiDat-Cobalt Strike Duo Targets Power Generator Network
A new variant of the SystemBC malware, paired with Cobalt Strike beacons, has been identified in a recent cyber-attack targeting...
DHS to Review Microsoft’s Security in Chinese Email Hack
The US Department of Homeland Security (DHS) has announced it will investigate Microsoft’s security practices in relation to the recent...
Multiple Flaws Found in the Avada WordPress Theme and Plugin
Multiple vulnerabilities have been identified in the widely used Avada theme and its accompanying Avada Builder plugin. These security flaws, uncovered...
CISA: Microsoft Releases August 2023 Security Updates
Microsoft Releases August 2023 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can...
CISA: CISA Releases its Cybersecurity Strategic Plan
CISA Releases its Cybersecurity Strategic Plan Today, CISA released a strategic plan to lay out how we will fulfill our...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on August 3, 2023. These...
CISA: CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022
CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 The U.S. Cybersecurity and...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: Fortinet Releases Security Update for FortiOS
Fortinet Releases Security Update for FortiOS Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address multiple vulnerabilities in Adobe software. An...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on August 10, 2023. These...
US-CERT Vulnerability Summary for the Week of July 31, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoyunyecms -- yunyecmsSQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to...
HackerOne Bug Bounty Disclosure: b-hackerone-support-system-doesn-t-require-any-authentication-may-lead-unauthorized-action-b-rafsanzami
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'rafsanzami'Link to Submitters Profile:https://hackerone.com/b'rafsanzami' Report Title:b"HackerOne Support System Doesn't Require Any Authentication...
HackerOne Bug Bounty Disclosure: b-wiiu-switch-remote-code-execution-inside-the-enl-library-b-crazy-man
Company Name: b'Nintendo' Company HackerOne URL: https://hackerone.com/nintendo Submitted By:b'crazy_man123'Link to Submitters Profile:https://hackerone.com/b'crazy_man123' Report Title:b' Remote code execution inside the ENL...
HackerOne Bug Bounty Disclosure: b-idor-in-channel-id-leads-to-customer-email-disclosure-on-https-video-ibm-com-b-tusnj
Company Name: b'IBM' Company HackerOne URL: https://hackerone.com/ibm Submitted By:b'tusnj'Link to Submitters Profile:https://hackerone.com/b'tusnj' Report Title:b'IDOR in channel ID leads to customer...
HackerOne Bug Bounty Disclosure: b-create-miscellaneous-support-ticket-on-anyone-s-account-through-support-hackerone-com-email-b-sayaanalam
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'sayaanalam'Link to Submitters Profile:https://hackerone.com/b'sayaanalam' Report Title:b"Create miscellaneous support ticket on anyone's account...
HackerOne Bug Bounty Disclosure: b-nginx-alias-traversal-babel-bluetab-net-b-dk-trin
Company Name: b'IBM' Company HackerOne URL: https://hackerone.com/ibm Submitted By:b'dk4trin'Link to Submitters Profile:https://hackerone.com/b'dk4trin' Report Title:b'Nginx Alias Traversal - babel.bluetab.net'Report Link:https://hackerone.com/reports/2061826Date Submitted:11...
