CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
Feb 05, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure…
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
Feb 04, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have called attention…
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages
Feb 03, 2025Ravie LakshmananOpen Source / Software Security The maintainers of the…
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
Jan 04, 2025Ravie LakshmananVulnerability / Software Security A high-severity security flaw has…
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
Dec 24, 2024Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure…
XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner
Nov 28, 2024Ravie LakshmananSoftware Security / Data Breach Cybersecurity researchers have discovered…
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
Nov 27, 2024Ravie LakshmananVulnerability / Software Security A critical security flaw impacting…
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
Nov 04, 2024Ravie LakshmananVulnerability / Cyber Threat Cybersecurity researchers have disclosed six…
Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackers
Oct 22, 2024Ravie LakshmananVulnerability / Software Security Details have emerged about a…