The Internet Systems Consortium (ISC), the maintainers of the widely-used BIND Domain Name System (DNS) server software, has released critical security updates to address four high-severity vulnerabilities. These flaws could allow attackers to cause...
SuiteCRM, a widely adopted open-source Customer Relationship Management (CRM) platform, has released urgent security patches to address multiple critical vulnerabilities that could expose sensitive customer data and compromise system integrity. These vulnerabilities, identified as...
In a groundbreaking development, researchers at the University of Illinois Urbana-Champaign have demonstrated that teams of AI agents, powered by large language models (LLMs), can successfully exploit zero-day vulnerabilities. These are previously unknown and...
Akamai researchers have identified a concerning resurgence of attacks targeting known vulnerabilities in the ThinkPHP web application framework. These vulnerabilities, CVE-2018-20062 and CVE-2019-9082, continue to be exploited despite being several years old, demonstrating a...
Zyxel has released critical security patches for two of its Network Attached Storage (NAS) devices, NAS326 and NAS542, addressing severe vulnerabilities that could allow attackers to execute code remotely and compromise system security. The...
A series of critical vulnerabilities have been discovered in the XStore theme and its accompanying XStore Core plugin, both widely used tools for building online stores on the WordPress platform. These vulnerabilities, if exploited,...
Recently, Intel released 41 security bulletins, addressing over 90 vulnerabilities across its product line, a substantial number. The primary focus of these security flaws lies in the software domain, including one critical AI tool...
A shocking new report by Citizen Lab reveals that popular Chinese keyboard apps transmit your keystrokes in ways that leave them shockingly vulnerable to interception. Even passwords, financial details, and sensitive conversations you type...
A recent report by Sophos, based on a comprehensive survey conducted by Vanson Bourne, sheds light on the stark realities and heightened risks associated with unpatched vulnerabilities in the context of ransomware attacks. The...
Industrial automation leader Phoenix Contact has issued an urgent security alert regarding multiple critical vulnerabilities discovered within the firmware of their CHARX SEC charge controllers. These flaws, uncovered during a recent security competition, could...
Zscaler’s ThreatLabz research team detected a formidable adversary: DreamBus. A Linux-based malware family, DreamBus has been quietly evolving, honing its capabilities to exploit vulnerabilities in business applications. DreamBus, initially identified in early 2019, has...
A critical vulnerability affecting the Syrus4 IoT Gateway, a technology found in over 119,000 vehicles across 49 countries, has been left unpatched for months, leaving millions of drivers vulnerable to hacking. This vulnerability, identified...
Blackwing Intelligence has unearthed several vulnerabilities that enable circumvention of the Windows Hello authentication system on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. These security loopholes are attributable to...
Synology, a leading network-attached storage (NAS) and surveillance solution provider has recently addressed critical security vulnerabilities affecting its Synology Camera BC500 and TC500 models. These vulnerabilities, discovered during the PWN2OWN 2023 security competition, could...
Security researchers have discovered four high-severity command injection vulnerabilities in the ASUS RT-AX55 router. These vulnerabilities can be exploited by remote attackers to execute arbitrary code on the router, interrupt its service, or perform...
Support Securityonline.info site. Thanks!
