Western Digital has fixed a critical severity vulnerability that enabled attackers to gain remote code execution and gain a reverse shell on unpatched My Cloud OS 5 devices. Western Digital’s My Cloud is one...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security vulnerability in User Interface (UI) for ASP.NET AJAX to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. “CISA...
Users of the Argo continuous deployment (CD) tool for Kubernetes are being urged to push through updates after two vulnerabilities were found that could allow an attacker to access Argo CD and deploy Applications...
Recently, Lexmark released software to remediate two security vulnerabilities affecting certain of its products that could expose users to remote code execution and brute force attacks. A of the flaws is critical, carrying a...
Security researcher Adam Doupé of ASU SEFCOM has disclosed details of a now-patched security vulnerability in Apple macOS, Apple Watch, iPhone, iPad, and iPod that an attacker could exploit to execute arbitrary code with...
VMware on Tuesday announced patches for several critical and high-severity vulnerabilities affecting its product. Some of which could be exploited to launch remote code execution attacks. Tracked as CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, and CVE-2022-31711 (CVSS...
Man Yue Mo, a security researcher with GitHub, has released technical details and proof-of-concept (PoC) exploit code for an Arm Mali GPU Kernel Driver security bypass that Arm patched in August last year. The PoC...
Apple on Wednesday released security updates for iOS, iPadOS, and iPod to remediate a zero-day vulnerability previously exploited by threat actors to compromise its devices. Tracked as CVE-2022-42856, the vulnerability could allow a remote attacker to...
Riot Games, the video game developer, and publisher confirmed that it has seen its systems being compromised via a social engineering attack. The company wrote on its Twitter account: “Earlier this week, systems in...
A security researcher has published proof-of-concept (PoC) code for a macOS/iOS vulnerability in IOHIDFamily that could be exploited to execute arbitrary code with kernel privileges. Tracked as CVE-2022-42864 (CVSS score of 7.0), the security...
