ZDI-24-1225: SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The...
ZDI-24-1226: mySCADA myPRO Hard-Coded Credentials Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of mySCADA myPRO. Authentication is not required to exploit this vulnerability. The ZDI...
DSA-5769-1 git – security update
Multiple issues were found in Git, a fast, scalable, distributed revision control system, which may result in file overwrites outside the repository, arbitrary configuration injection...
openssl-3.2.2-7.fc41
FEDORA-2024-7d5c1bcc78 Packages in this update: openssl-3.2.2-7.fc41 Update description: Fix CVE-2024-5535: SSL_select_next_proto buffer overread Read More
Irish Data Protection Regulator to Investigate Google AI
Ireland’s Data Protection Commission launches inquiry into whether Google followed GDPR rules over AI model training Read More
WordPress plugin and theme developers told they must use 2FA
Starting October 1, WordPress plugin and theme developers must enable 2FA. This move aims to boost security and help prevent supply-chain attacks from targeting millions...
Microsoft Is Adding New Cryptography Algorithms
Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsoft’s details are here. From a news article: The first new algorithm Microsoft...
Schools Face Million-Dollar Bills as Ransomware Rises
Ransomware gangs are targeting schools and higher education, with victims facing soaring ransom and recovery costs Read More
TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested
TfL has revealed that some customer data was accessed in a recent cyber-attack, potentially including the bank details of 5000 people Read More
USN-7006-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged...