PoC exploits for Apache Flink Path Traversal vulnerabilities posted
This week, the Apache Flink project has disclosed two severe Path Traversal vulnerabilities in the framework that can allow attackers...
News
Source code revealed for malware that locks IoT male chastity devices
While ransomware operators are holding companies' private data for multi-million dollar ransom amounts, this one's got your private parts. A...
Cloudflare WAF bypass exploits revealed
Cloudflare Web Application Firewall (WAF) which touts itself to protect some 25 million sites remains vulnerable to rule bypasses, researchers...
Amey suffers cyber attack from ransomware
Amey Plc, the British giant providing infrastructure support services to both regulated and public sectors has suffered a ransomware attack...
Backdoor master password for thousands of Zyxel firewalls revealed
Multiple Zyxel devices including firewalls and access point (AP) controllers contain a hardcoded username-password combination in the firmware images, which...
New Golang malware runs Monero miner on servers
Image credit: QuoteInspector A new strand of Golang malware discovered this week installs the well-known Monero cryptocurrency miner, XMRig on...
Kaggle fixes vulnerability that disclosed private leaderboard data via API
Kaggle, an online community of data scientists and machine learning (ML) practitioners, has been exposing private competition data due to...
Hacker selling Vodafone’s Ho Mobile database of 2.5M users
A threat actor has posted a thread on one of the dark web forums claiming to sell Ho Mobile's database...
Joomla fixes ACL violation vulnerability after 2 years
The development team behind popular CMS Joomla which powers over 2.5 million sites has patched an access control violation vulnerability...
Google ‘Send Feedback’ bug could expose your sensitive data to attackers
This week, security researcher KL Sreeram has disclosed a vulnerability in Google Docs which could let hackers steal sensitive data...