⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency c...

PT-2022-6994

Name of the Vulnerable Software and Affected Versions Exim affected versions not specified Description This issue allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this issue. The specific flaw exists within the smtp...

The vulnerability of the Simple Mail Transfer Protocol (SMTP) software of RSLogix 500, as well as the programmable logic controllers MicroLogix 1100 and MicroLogix 1400, allows a intruder to gain unauthorized access to confidential information.

The vulnerability of the Simple Mail Transfer Protocol SMTP software from RSLogix 500, as well as the programmable logic controllers MicroLogix 1100 and MicroLogix 1400, is related to the unencrypted storage of critical information. Exploiting this vulnerability allows an attacker to gain access ...

Microsoft Pushes Azure Users to Patch Linux Systems

Microsoft is warning customers that some Azure installations are vulnerable to a recently-disclosed critical Linux Exim mail server flaw that is under active attack. The warning comes after a widespread worm campaign was disclosed on Friday, targeting a flaw in the Exim mail transport agent MTA,...

security flaw

Buffer overflow in the mailvalidnetparsework function in mail.c for Washington's IMAP Server UW-IMAP before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote " character without a closing quote, which causes bytes after the double-quo...