CVE-2020-23452
A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...
What is the difference between incident response & threat hunting?
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information...
CVE-2020-25969
gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest(). Read More
Nagoya Port Faces Disruption After Ransomware Attack
Container import and export operations via trailer transportation have been temporarily halted Read More
High-Severity Flaws Fixed in Firefox 115 Update
One of them, CVE-2023-37201, involved a use-after-free issue in WebRTC certificate generation Read More
Sophisticated Email Attacks Target Cryptocurrency Wallets
Discovered by Kaspersky, the campaign delivered 85,000 scam emails during the spring of 2023 Read More
USN-6204-1: CPDB vulnerability
Seth Arnold discovered that CPDB incorrectly handled certain characters. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Read...
USN-6203-1: Django vulnerability
Seokchan Yoon discovered that Django incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Django to consume resources, leading...
Class-Action Lawsuit for Scraping Data without Permission
I have mixed feelings about this class-action lawsuit against OpenAI and Microsoft, claiming that it “scraped 300 billion words from the internet” without either registering...
USN-6202-1: containerd vulnerabilities
David Korczynski and Adam Korczynski discovered that containerd incorrectly processed certain images with large files. An attacker could possibly use this issue to cause containerd...