EUVD-2020-5990
Malware in sbrugna...
EUVD-2013-1165
Malware in sbrugna...
EUVD-2023-1493
Malicious code in bioql PyPI...
CVE-2025-50090
...
CVE-2025-30728
...
CVE-2025-30704
...
Microsoft and Adobe Patch Tuesday, March 2025 Security Update Review
March 2025 Patch Tuesday is here, and Microsoft has rolled out critical security updates that address multiple vulnerabilities across its product suite. Here’s a quick breakdown of what you need to know. Microsoft Patch Tuesday for March 2025: Microsoft's Patch Tuesday, March 2025 edition addresse...
GHSA-98QH-7X9H-4W89 vulnerabilities
Vulnerabilities for packages: mysql...
GHSA-2FG8-6GGF-J2JG vulnerabilities
Vulnerabilities for packages: firefox-esr...
GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs
GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE-2024-6385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10....
New Fickle Stealer Exploits Software Flaws to Steal Crypto, Browser Data
Fortinet's FortiGuard Labs exposes the Fickle Stealer, a malware using multiple attack methods to steal logins, financial details, and more. Learn how to protect yourself from this evolving threat...
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its...
GHSA-MQ39-4GV4-MVPX vulnerabilities
Vulnerabilities for packages: zot, kaniko, aactl, trivy, buf, wolfictl, melange, syft, ko, ctop, up, cadvisor, dagger, kubescape, cilium-cli, conftest, kargo, buildkitd, crossplane, datadog-agent, docker-compose, grype, spire-server, tkn...
Fujitsu Bugs That Sent Innocent People to Prison Were Known ‘From the Start’
Software flaws were allegedly hidden from lawyers of wrongly convicted UK postal workers...
Explained: Fuzzing for security
Fuzzing, or fuzz testing, is defined as an automated software testing method that uses a wide range of invalid and unexpected data as input to find flaws in the software undergoing the test. The flaws do not necessarily have to be security vulnerabilities. Fuzzing can also bring other undesirable...
How to get Ahead of Vulnerabilities and Protect your Enterprise Business
Security vulnerabilities are popping up all the time, and can put any business that uses technological assets at risk. In a nutshell, vulnerabilities represent the ideal opportunity for malicious actors to break into systems and wreak all types of havoc. From data theft to information compromise...
19-year-old ethical hacker is a millionaire now; thanks to his skills
By Carolina. Argentina’s Santiago Lopez is now a millionaire due to his prowess at identifying flaws in online services as well as software. The ethical hacker, who uses the moniker @trytohack, became part of HackerOne’s bug bounty program in 2015 and so far he has reported more than 1,670 unique...
Intel, Microsoft Announce New Bug Bounties
Intel announced its first bug bounty program, offering up to $30,000 to researchers who find critical vulnerabilities in its hardware. The invite-only program, which is being run on the HackerOne platform, was announced today at the CanSecWest conference in Vancouver. Intel said its software,...
MGASA-2016-0278 Updated firefox packages fix security vulnerability
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2016-2836, CVE-2016-5258, CVE-2016-5259, CVE-2016-5252,...
PLC Blaster Worm Targets Industrial Control PLCs
LAS VEGAS – Security researchers at Black Hat USA described a proof-of-concept worm that targets weaknesses within automated industrial control systems used to manage critical infrastructure and manufacturing. The worm, according to OpenSource Security, has the capability to autonomously search f...