Malwarebytes Privacy VPN receives full third-party audit

For the careful VPN customer today, so much depends upon a privacy promise, made, too often, by a company without proof. No-logs policies, modern encryption algorithms, a refusal to store sensitive customer information, and full ownership of servers are just some of the features that contribute t...

EUVD-2025-6258

Malicious code in bioql PyPI...

CVE-2025-2271

A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference IDOR vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive...

CVE-2025-2271

Issuetrak v17.2.2 and earlier contain an Insecure Direct Object Reference (IDOR) in the audit component, enabling a low-privileged user to access audit results of other users and exposing sensitive information (user details, network/hardware info, installed programs, processes, drives, printers)....

Kubeaudit - Tool To Audit Your Kubernetes Clusters Against Common Security Controls

kubeaudit is a command line tool and a Go package to audit Kubernetes clusters for various different security concerns, such as: run as non-root use a read-only root filesystem drop scary capabilities, don't add new ones don't run privileged and more! tldr.kubeaudit makes sure you deploy secure...

Cyber Insurance Rates to Rise – What Should I Do?

Organizations manage risk in three ways: they accept it, they take out insurance against it, or they take active measures to diminish its potential impact. These active measures commonly include deploying or enhancing or removing technology, updating policies and procedures, instituting training...

CVE-2013-4415

Multiple cross-site scripting XSS vulnerabilities in Spacewalk and Red Hat Network RHN Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 whereCriteria variable in a software channels search; 2 endyear, 3 starthour, 4 endampm, 5 endday, 6 endhour, 7 endminute, 8...

Anti OpenVAS defenses

It seems that your web server rejects requests from OpenVAS. It is probably protected by a reverse proxy. OpenVAS Vulnerability Test $Id: antinessus.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Anti OpenVAS defenses Authors: Michel Arboi Copyright: Copyright C 2003 Michel Arboi This progr...