644 matches found
Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.2 security update
The multicluster engine for Kubernetes 2.9 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.9 images The multicluster engine for Kubernetes provides the foundational components that are...
Important: Red Hat Security Advisory: Red Hat multicluster global hub 1.4.4 security update
Red Hat multicluster global hub v1.4.4 general availability release images, which provide security fixes, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
Hitachi SuprOS security vulnerabilities
Hitachi SuprOS is a centralized management system for power distribution automation and communication devices developed by Hitachi, a Japanese company. Hitachi SuprOS has a security vulnerability, which stems from the presence of default credentials. This vulnerability could allow authenticated...
Moderate: Red Hat Security Advisory: multicluster engine for Kubernetes v2.10.1 security update
The multicluster engine for Kubernetes 2.10 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.10 images The multicluster engine for Kubernetes provides the foundational components that a...
Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.8.4 security update
The multicluster engine for Kubernetes 2.8 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.8 images The multicluster engine for Kubernetes provides the foundational components that are...
6 Best Enterprise Security Platforms for 2026
If your security stack feels like a cluttered garage full of single-purpose tools, you’re not alone. You have one tool for endpoints, another for the network, and a few more for the cloud—none of which communicate effectively. This patchwork approach creates dangerous blind spots and buries your...
CVE-2025-62487
CVE-2025-62487 affects Palantir Dossier and Slides apps (Dossier front-end). Root cause: a May 2025 change intended to enable cross-artifact file sharing caused uploads to not be properly marked with security levels. In CBAC-enabled deployments, a security picker dialog lets users set the level, ...
CVE-2023-40519
A cross-site scripting XSS vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575ee9195b0, 01.01.01.30097902fd999e76, and 00.12.01.95655881254b459 allows remote attackers to inject arbitrary web script or HTML v...
CVE-2022-23009
On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a BIG-IQ managed BIG-IP device can access other BIG-IP devices managed by the same BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
Kasten Prometheus Export via remote_write
Purpose Kasten now supports exporting metrics from the embedded Prometheus to external backends using Prometheus's remotewrite capability. This feature supports the collection, aggregation, and visualization of cluster and multi-cluster metrics in monitoring tools like Grafana Cloud and Datadog...
ROS-20251223-7314
A vulnerability in the Snapshot/Restore commands of the AdminServer component of the centralized service for maintaining configuration information, naming, providing distributed synchronization, and provisioning Apache ZooKeeper group services is related to incorrect handling of insufficient...
Building a Transparent Keyserver
Today, we are going to build a keyserver to lookup age public keys. That part is boring. What’s interesting is that we’ll apply the same transparency log technology as the Go Checksum Database to keep the keyserver operator honest and unable to surreptitiously inject malicious keys, while still...
Important: Red Hat Security Advisory: multicluster engine for Kubernetes 2.6 security update
The multicluster engine for Kubernetes 2.6 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.6 images The multicluster engine for Kubernetes provides the foundational components that are...
Code Execution in Jupyter Notebook Exports
After our research on Cursor , in the context of developer-ecosystem security, we turn our attention to the Jupyter ecosystem. We expose security risks we identified in the notebook’s export functionality, in the default Windows environment, to help organizations better protect their assets and...
DRUPAL-CONTRIB-2025-125
This module provides a centralized content distribution and syndication solution so thta customers can publish, reuse, and syndicate content across a network of Drupal websites. The module doesn't sufficiently protect export routes from cross-site request forgery CSRF attacks, potentially allowin...
Goodbye, dark Telegram: Blocks are pushing the underground out
Telegram has won over users worldwide, and cybercriminals are no exception. While the average user chooses a messaging app based on convenience, user experience and stability and perhaps, cool stickers, cybercriminals evaluate platforms through a different lens. When it comes to anonymity, privac...
Moderate: Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.7 security update
The multicluster engine for Kubernetes 2.7 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.7 images The multicluster engine for Kubernetes provides the foundational components that are...
Securing the Model Context Protocol (MCP): Risks, Controls, and Governance
The Model Context Protocol MCP replaces static, developer-controlled API integrations with more dynamic, user-driven agent systems, which also introduces new security risks. As MCP adoption grows across community servers and major platforms, organizations encounter threats that existing AI...
Why IT Admins Choose Samsung for Mobile Security
Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have. Mobile devices are essential for modern work—but with mobility comes risk. IT admins, like you, juggle protecting sensitive data while keeping teams productive. That's why more enterprises a...
Endpoint Security Agent: A Comprehensive Approach to Real-Time System Monitoring and Threat Detection
As cyber threats continue to evolve in complexity and frequency, robust endpoint protection is essential for organizational security. This paper presents "Endpoint Security Agent: A Comprehensive Approach to Real-time System Monitoring and Threat Detection" a modular, real-time security solution...