Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-08-11 16:30:00 |
Zimbra RCE Vulnerability Exploited Without Admin Privileges (lien direct) |
Over 1,000 ZCS instances around the world were reportedly backdoored and compromised |
Vulnerability
|
|
|
|
2022-08-04 16:00:00 |
Hackers Exploit Atlassian Confluence Vulnerability to Deploy New \'Ljl\' Backdoor (lien direct) |
The TA likely used RAR and 7zip to archive files and folders from multiple directories |
Vulnerability
|
|
|
|
2022-08-02 15:00:00 |
Google Patches Critical Android Bluetooth Flaw in August Security Bulletin (lien direct) |
The Bluetooth vulnerability has been patched on Android 10, 11, 12 and 12L |
Vulnerability
|
|
|
|
2022-07-06 10:00:00 |
Google Patches Chrome Zero Day Under Attack (lien direct) |
Rapid fix for vulnerability being exploited in the wild |
Vulnerability
|
|
|
|
2022-07-04 08:45:00 |
HackerOne Insider Defrauded Customers (lien direct) |
Former employee re-submitted vulnerability data for personal gain |
Vulnerability
|
|
|
|
2022-06-29 16:30:00 |
New UnRAR Vulnerability Could Lead to Zimbra Webmail Hack (lien direct) |
Successful exploitation would give an attacker access to all emails on a compromised server |
Hack
Vulnerability
|
|
|
|
2022-06-29 16:00:00 |
Amazon Fixes High Severity Vulnerability in Amazon Photos Android App (lien direct) |
The vulnerability derived from a misconfiguration of one of the Photos app's components |
Vulnerability
|
|
|
|
2022-06-17 16:00:00 |
WordPress Updates More Than a Million Sites to Fix Critical Ninja Forms Vulnerability (lien direct) |
The code injection vulnerability allowed attackers to call methods in various Ninja Forms classes |
Vulnerability
|
|
|
|
2022-06-06 16:00:00 |
Critical Vulnerability Found in Motorola\'s Unisoc Chips (lien direct) |
Checkpoint Research spotted a critical vulnerability in Unisoc Tiger T700 chips in three Motorola models |
Vulnerability
|
|
|
|
2022-04-06 09:00:00 |
Almost a Fifth of Global Firms Targeted with Spring4Shell (lien direct) |
New vulnerability exploited most widely in Europe |
Vulnerability
|
|
|
|
2022-03-31 08:45:00 |
No Patch Available Yet for Critical SpringShell Bug (lien direct) |
Vulnerability has echoes of infamous Struts and Log4Shell vulnerabilities |
Vulnerability
|
|
★★★
|
|
2022-03-03 17:00:00 |
Most Disclosed ICS Vulnerabilities are Low Complexity (lien direct) |
Past four years sees surge in ICS vulnerability disclosures with most vulnerabilities of low complexity |
Vulnerability
|
|
|
|
2022-02-24 10:00:00 |
Vishing Makes Phishing Campaigns Three-Times More Successful (lien direct) |
However, vulnerability exploitation remained a major threat in 2021 |
Vulnerability
Threat
|
|
|
|
2022-02-18 09:25:00 |
High Severity WordPress Plugin Bug Hits Three Million (lien direct) |
Vulnerability could enable threat actors to access backups |
Vulnerability
Threat
|
|
★★★★
|
|
2022-02-07 09:34:00 |
Crypto Firm Meter Loses $4.4m in Cyber-Heist (lien direct) |
Attacker exploited vulnerability in bridging technology |
Vulnerability
|
|
|
|
2022-02-04 18:30:00 |
Major Vulnerability Found in Argo CD (lien direct) |
Malicious Kubernetes Helm Charts can be exploited to steal sensitive data |
Vulnerability
|
Uber
|
|
|
2022-02-03 09:06:00 |
Online Thieves Steal $320m from Crypto Firm Wormhole (lien direct) |
Attackers exploited a vulnerability to harvest 120K Ethereum |
Vulnerability
|
|
|
|
2022-01-27 17:00:00 |
Hacker Flags Flaw in Swiss Railway System (lien direct) |
Vulnerability exposed personal data of 500k commuters |
Vulnerability
|
|
|
|
2022-01-26 10:45:00 |
Experts Reveals 29% Surge in Bugs Used by Ransomware Actors (lien direct) |
Vulnerability exploitation increasingly popular way to compromise victims |
Ransomware
Vulnerability
|
|
★★★★★
|
|
2022-01-14 17:42:00 |
Flaw Found in Biometric ID Devices (lien direct) |
Vulnerability in access control devices allows attackers to unlock doors and enter protected areas |
Vulnerability
|
|
|
|
2022-01-14 10:10:00 |
AWS Patches Glue Bug That Put Customer Data at Risk (lien direct) |
Superglue vulnerability was enabled by internal misconfiguration |
Vulnerability
|
|
|
|
2022-01-07 09:26:00 |
Researchers Warn of New Log4Shell-Like Java Vulnerability (lien direct) |
RCE bug found in popular H2 database console |
Vulnerability
|
|
|
|
2021-12-14 11:05:00 |
Experts: Log4j Bug Could Be Exploited for “Years” (lien direct) |
Vulnerability could remain stubbornly difficult to find and patch |
Vulnerability
|
|
|
|
2021-12-13 09:15:00 |
“Worst-Case Scenario” Log4j Exploit Travels the Globe (lien direct) |
Log4j vulnerability affects huge sweep of applications and vendors |
Vulnerability
|
|
|
|
2021-12-09 10:30:00 |
NVD: It\'s Another Record Year for Vulnerabilities (lien direct) |
Fifth year in a row for record number of bugs published to National Vulnerability Database |
Vulnerability
|
|
|
|
2021-11-19 20:04:00 |
Sky Slow to Fix Bug in Routers (lien direct) |
Entertainment company repeatedly pushed back updates after being notified of serious vulnerability |
Vulnerability
|
|
|
|
2021-10-25 08:36:00 |
BlackMatter Bug Saved Victims Millions in Ransom Payments (lien direct) |
Emsisoft claims to have vulnerability info on over 10 other variants |
Vulnerability
|
|
|
|
2021-10-15 08:11:00 |
Missouri Governor Slammed for Vow to Prosecute Researcher (lien direct) |
Reporter responsibly disclosed vulnerability in education website |
Vulnerability
|
|
|
|
2021-09-24 09:30:00 |
Cybersecurity Vulnerability Could Affect Millions of Hikvision Cameras (lien direct) |
The command injection vulnerability could allow threat actors to have complete control of compromised device |
Vulnerability
Threat
|
|
|
|
2021-09-17 08:30:00 |
CISA: Patch Zoho Bug Being Exploited by APT Groups (lien direct) |
Critical vulnerability affects ManageEngine ADSelfService Plus |
Vulnerability
|
|
|
|
2021-09-14 10:30:00 |
Apple Releases Urgent Patch Following Discovery of Pegasus Spyware (lien direct) |
The vulnerability was discovered after the spyware was found on the iPhone of an anonymous Saudi activist |
Vulnerability
|
|
|
|
2021-06-16 08:37:00 |
IoT Supply Chain Bug Hits Millions of Cameras (lien direct) |
Critical vulnerability could allow attackers to eavesdrop on users |
Vulnerability
|
|
|
|
2021-06-02 10:06:00 |
Critical Zero-Day in WordPress Plugin Under Active Attack (lien direct) |
Vulnerability in Fancy Product Designer could enable full site takeover. |
Vulnerability
|
|
|
|
2021-05-17 11:19:00 |
Cisco Snaps Up Kenna Security for Vulnerability Management (lien direct) |
New capabilities will boost SecureX platform |
Vulnerability
|
|
|
|
2021-04-09 15:04:00 |
LifeLabs Launches Vulnerability Disclosure Program (lien direct) |
Canadian medical laboratory teams up with Bugcrowd to boost cybersecurity |
Vulnerability
|
|
|
|
2021-04-02 11:00:00 |
Trustwave Uncovers Vulnerability in Popular Website CMS (lien direct) |
Privilege escalation issue found on website CMS Umbraco |
Vulnerability
|
|
|
|
2021-02-18 14:00:00 |
Half of Apps Contain at Least One Serious Exploitable Vulnerability (lien direct) |
Nearly 70% of apps in manufacturing have at least one serious vulnerability |
Vulnerability
|
|
|