A high-severity vulnerability in Cisco Unified CM and Unified CM SME could allow attackers to cause a denial-of-service (DoS) condition.
The post Cisco Patches High-Severity Vulnerability Reported by NSA appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites
A critical vulnerability in the Litespeed Cache WordPress plugin can allow attackers to hack websites by creating an admin user.
The post Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites appeared first on SecurityWeek.
Google Patches Sixth Exploited Chrome Zero-Day of 2024
Chrome 128 was released in the stable channel with patches for 38 vulnerabilities, including a V8 JavaScript engine flaw exploited in the wild.
The post Google Patches Sixth Exploited Chrome Zero-Day of 2024 appeared first on SecurityWeek.
Critical Authentication Flaw Haunts GitHub Enterprise Server
GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users.
The post Critical Authentication Flaw Haunts GitHub Enterprise Server appeared first on SecurityWeek.
New Phishing Technique Bypasses Security on iOS and Android to Steal Bank Credentials
New phishing attacks target iOS and Android users with Progressive Web Applications and WebAPKs to steal banking information.
The post New Phishing Technique Bypasses Security on iOS and Android to Steal Bank Credentials appeared first on SecurityWeek.
Arden Claims Service Reports Data Breach, 139,000 Affected
Personal information for about 39,000 individuals was stolen in October 2023 from class action settlement administrator Arden Claims Service.
The post Arden Claims Service Reports Data Breach, 139,000 Affected appeared first on SecurityWeek.
Why LinkedIn Developed Its Own AI-Powered Security Platform
An inside look at how LinkedIn developed an internal AI-assisted vulnerability management system to protect its massive infrastructure and user base.
The post Why LinkedIn Developed Its Own AI-Powered Security Platform appeared first on SecurityWeek.
Google Play Bug Bounty Program Shutting Down
Google is shutting down its Google Play Security Reward Program (GPSRP) after determining that it has achieved its goal.
The post Google Play Bug Bounty Program Shutting Down appeared first on SecurityWeek.
Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue
As many as 15,000 applications using AWS Application Load Balancer (ALB) could be exposed to ALBeast attacks.
The post Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue appeared first on SecurityWeek.
Microsoft Copilot Studio Vulnerability Led to Information Disclosure
A vulnerability in Microsoft Copilot Studio exposed information on internal services shared among tenants, potentially impacting multiple customers.
The post Microsoft Copilot Studio Vulnerability Led to Information Disclosure appeared first on SecurityWeek.