Vulnerability of web-based interfaces for microprogramming systems: Wi-Fi routers such as Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360 allow attackers to disclose protected information.

The vulnerability of the web-based management interfaces for Netis microprogramming systems, including Netis NX10, Netis 11AC Router NC65, Netis 11AC Router NC63, Netis 11AC Router NC21, and Netis Wifi Router MW5360, is related to insufficient protection for sensitive data. Exploiting this...

The vulnerability of the switch network firewall for HPE CX 10000 corporate networks allows a intruder to disclose protected information.

The vulnerability of the switch network firewalls for HPE CX 10000 corporate networks is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability in the implementation of the OpenPGP email encryption standard for the Mozilla Thunderbird client allows a perpetrator to disclose the protected information.

The vulnerability of the OpenPGP email encryption standard implemented by Mozilla Thunderbird client relates to insufficient protection of confidential data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

The vulnerability of Moxa VPORT 07-3 microprogrammed IP cameras lies in the insufficient protection of confidential data by suppliers (OSAT), allowing intruders to trigger a service failure.

The vulnerability of Moxa VPORT 07-3 microprogrammed IP cameras is related to insufficient protection of confidential data by suppliers OSATs. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Harnessing AI for Proactive Threat Intelligence and Advanced Cyber Defense

Discover how AI revolutionizes cybersecurity with real-time threat detection, adaptive protection, and advanced data protection to combat evolving…...

India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

The Indian government has published a draft version of the Digital Personal Data Protection DPDP Rules for public consultation. "Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent," India's Press Information Bureau PIB sa...

PT-2025-1194 · Ibm · Ibm Concert

Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.0.3 Description: The issue is related to the failure to properly enable HTTP Strict Transport Security, which could allow a remote attacker to obtain sensitive information using man-in-the-middle...

New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

The U.S. Department of Justice DoJ has issued a final rule carrying out Executive Order EO 14117, which prevents mass transfer of citizens' personal data to countries of concern such as China including Hong Kong and Macau, Cuba, Iran, North Korea, Russia, and Venezuela. "This final rule is a...

CVE-2024-56800

Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery SSRF vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to a local IP address...

Google Vertex AI Information Disclosure Vulnerability

Google Vertex AI is a Google Cloud console tool from Google USA for rapid prototyping and testing of generative AI models. Google Vertex AI suffers from an information disclosure vulnerability that stems from the application's inadequate protection of sensitive information, which can be exploited...

Top Open Source API Security Tools

The modern world relies on Application Programming Interfaces APIs. They allow applications to communicate with each other, servers, and consumers to facilitate data sharing and simplify application development. Without them, the internet would be unrecognizable. However, APIs also present a...

Our Santa wishlist: Stronger identity security for kids

Sorry for the headline, but we have to get creative to get anyone to read an article on a Friday like this one, even if it is an important story. As we enter the holidays and parents begin to rest after another hectic year of shopping for their kids, Malwarebytes Labs wants to draw some attention...

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by a security flaw in IBM WebSphere Application Server Liberty. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information, as...

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty may affect IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V

Summary IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V can be affected by a security flaw in IBM WebSphere Application Server Liberty. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information, as...

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

The Dutch Data Protection Authority DPA on Wednesday fined video on-demand streaming service Netflix €4.75 million $4.93 million for not giving consumers enough information about how it used their data between 2018 and 2020. An investigation launched by the DPA in 2019 found that the tech giant d...

The software for data protection solutions from Dell RecoverPoint for virtual machines has a vulnerability related to improper verification of the cryptographic signature. This vulnerability allows attackers to elevate their privileges to the root level.

The vulnerability of the Dell RecoverPoint data protection software for virtual machines is related to improper verification of the cryptographic signature. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...

The software for data protection solutions from Dell RecoverPoint for virtual machines is vulnerable due to errors in filtering specific elements, allowing attackers to trigger a service failure.

The vulnerability of the Dell RecoverPoint data protection software for virtual machines is related to errors in filtering specific elements. Exploiting this vulnerability could allow a malicious actor to trigger a service failure...

Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts

Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €251 million around $263 million for a 2018 data breach that impacted millions of users in the bloc, in what's the latest financial hit the company has taken for flouting stringent privacy laws. The...

The vulnerability of AMD’s microprogrammed software for processors lies in the violation of data protection mechanisms, allowing attackers to circumvent the SPI ROM protection mechanism.

The vulnerability of AMD’s microprogrammed software lies in the bypass of the data protection mechanism. Exploiting this vulnerability allows an attacker to circumvent the SPI ROM protection mechanism by modifying the data...

The vulnerability in virtual and physical systems of Veeam Backup & Replication lies in the insufficient protection of registration data, allowing attackers to execute arbitrary codes.

The vulnerability of virtual and physical systems managed by Veeam Backup & Replication is related to insufficient protection of registration data. Exploiting these vulnerabilities could allow a malicious actor, operating remotely, to execute arbitrary code...