Vulnerability fixed in Microsoft Exchange

Microsoft has fixed a vulnerability in Exchange Server. A malicious party can exploit the vulnerability to execute arbitrary code execute with privileges of the victim, potentially gaining access gain access to sensitive data in the victim's context. Successful exploitation requires the malicious...

3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way!

3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream...

VLC DLL Hijack

Hi @ll, the executable installers ° of the videolan client VLC, see are vulnerable: 1. They load and execute a rogue/bogus/malicious ShFolder.dll '² and other DLLs like SetupAPI.dll or UXTheme.dll too eventually found in the directory they are started from the "application directory". For softwar...