Active Exploitation Against Adobe Commerce and Magento Through CVE-2022-24086/CVE-2022-24087
UPDATE February 17: Added reference to CVE-2022-24087, which Adobe disclosed and issued an out-of-band patch for on February 17th, 2022. FortiGuard Labs is aware of reports...
USN-5292-2: snapd vulnerabilities
USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. Original advisory details: James Troup discovered that snap did not...
USN-5295-1: Linux kernel (HWE) vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause...
DSA-5080 snapd – security update
Multiple vulnerabilities were discovered in snapd, a daemon and tooling that enable Snap packages, which could result in bypass of access restrictions or privilege escalation....
DSA-5081 redis – security update
Reginaldo Silva discovered a (Debian-specific) Lua sandbox escape in Redis, a persistent key-value database.
DSA-5082 php7.4 – security update
Two security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure or denial of service....
CVE-2014-8597
A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote attackers to inject arbitrary web script or HTML via the status parameter in the...
Data Privacy Lawsuit Could Cost Meta $90m
Facebook parent agrees to pay $90M to settle decade-old data privacy lawsuit
Fertility Clinic Hit with Ransomware
Ransomware attack on NYC fertility clinic leads to breach of patients’ personal data
U.S. government warns that sensitive data is being stolen from defence contractors
The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) have joined forces to...