org.jenkins-ci.plugins:mypeople (>=0.3 <=0.3.0.3), org.jenkins-ci.plugins:skype-notifier (>=1.0 <=1.1.0) +2 more potentially affected by CVE-2022-28135 via org.jvnet.hudson.plugins:instant-messaging (>=1.0 <=1.4)

org.jvnet.hudson.plugins:instant-messaging MAVEN version =1.0, =0.3, =1.0, =2.0, =1.0, =unspecified Source cves: CVE-2022-28135 Source advisory: OSV:GHSA-HPM9-FX8V-W45V...

Threat Roundup for March 8 to March 15

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 08 and March 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

Threat Roundup for Jan. 25 to Feb. 1

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 25 and Feb. 01. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

MongoDB management tool exposure remote code execution vulnerability-vulnerability warning-the black bar safety net

MongoDB, the IT sector mainstream non-relational database NoSQL platform is one that is based on a table of a relational database of the popular alternatives. Recently, the management for MongoDB is a GUI tool phpMoAdmin is the storm has a very serious security vulnerability, once exploited, this...

Eggdrop arbitrary connection vulnerability

Hi, there is a serious security problem in the popular eggdrop IRCbot. The hole allows a regular user with enough 'power' at least power to add new bot records to use any linked instance of the bot on the botnet as an instant 'proxy'. The following session demonstrates the problem with an...