CVE-2020-18413
Stored cross site scripting (XSS) vulnerability in /index.php?admin-master-navmenu-add of Chaoji CMS v2.18 that allows attackers to execute arbitrary code. Read More
CVE-2020-18410
A stored cross site scripting (XSS) vulnerability in /index.php?admin-master-article-edit of Chaoji CMS v2.18 that allows attackers to obtain administrator privileges. Read More
CVE-2020-18406
An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data. Read...
U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison
Joseph James “PlugwalkJoe” O’Connor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of...
SEC notice to SolarWinds CISO and CFO roils cybersecurity industry
The US Securities and Exchange Commission has roiled the cybersecurity industry by putting executives of SolarWind on notice that it may pursue legal action for...
CVE-2020-18418
A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert. Read More
libmodsecurity-3.0.9-2.el7
FEDORA-EPEL-2023-c5ad3565aa Packages in this update: libmodsecurity-3.0.9-2.el7 Update description: Update to 3.0.9 after rebasing rawhide Read More
Anatsa Banking Trojan Targets Banks in US, UK and DACH Region
ThreatFabric said the ongoing campaign started in March and has witnessed over 30,000 installations Read More
Third-Party Vendor Hack Exposes Data at American, Southwest Airlines
American Airlines reported 5745 pilots and applicants affected, Southwest Airlines reported 3009 Read More
Study Reveals Alarming Gap in SIEM Detection of Adversary Techniques
CardinalOps examined 4000 detection rules, one million log sources and many unique log source types Read More