Articles tagged "Vulnerability"

Found 928 articles

Actively Exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability, CVE-2008-4128, to its Known Exploited Vulnerabilities Catalog. This vulnerability affects Cisco IOS and is associated with cross-site request forgery, which allows attackers to exploit vulnerable systems. It poses significant risks, particularly for federal agencies, as it can lead to total control over affected assets after exploitation. CISA's Binding Operational Directive 26-04 emphasizes the need for federal agencies to prioritize rapid remediation of such high-risk vulnerabilities. While this directive primarily applies to federal agencies, CISA encourages all organizations to adopt similar practices for managing vulnerabilities effectively. Agencies are also urged to check for any compromises before applying patches to mitigate risks.

Read Original

Zimbra has patched a serious vulnerability that allows attackers to execute malicious code through specially crafted emails. When a user opens one of these emails, the embedded code runs without their consent, posing a significant security risk. This flaw affects users of Zimbra's email software, which is widely used by organizations for communication. The potential for exploitation makes it crucial for users to update their systems promptly. Patching this vulnerability helps protect against unauthorized access and data breaches, which could have serious consequences for affected organizations.

Read Original
Actively Exploited

The Australian Cyber Security Centre (ACSC) has issued a warning about a global campaign targeting Content Management Systems (CMS). This campaign involves mass scanning and attempts to exploit vulnerabilities in popular CMS platforms. Users of these systems are urged to take immediate precautions, as attackers are actively seeking to compromise websites and web applications. The ACSC's alert emphasizes the need for CMS users to ensure their software is up to date and to implement strong security measures to defend against potential breaches. The situation is concerning as it could lead to widespread website compromises if users do not act swiftly.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged two severe vulnerabilities affecting iCagenda and Balbooa extensions for Joomla, assigning them a maximum severity rating of 10.0 on the CVSS scale. These vulnerabilities have reportedly been exploited in the wild, making them a pressing concern for users of these Joomla extensions. CVE-2026-48939 is one of the identified flaws, but specific details about the second vulnerability have not been disclosed. Joomla users utilizing these extensions should take immediate action to secure their systems, as attackers are actively targeting these weaknesses. The situation emphasizes the need for timely updates and patches to prevent unauthorized access and potential data breaches.

Read Original

A recent report from Orca Security reveals that a staggering 99.9% of fixable vulnerabilities in AI systems remain unaddressed. While many organizations are rapidly adopting AI technologies, nearly 81.2% of these companies have at least one known vulnerability in their AI packages. This lack of attention to cybersecurity hygiene can lead to serious risks, as 56% of AI users have deployed frameworks into production without adequate security measures. The findings suggest that organizations are prioritizing speed over security, potentially exposing themselves to significant threats. As AI continues to become more integrated into business operations, addressing these vulnerabilities is crucial for maintaining safe and secure systems.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities associated with iCagenda and Balbooa Forms to its Known Exploited Vulnerabilities catalog. iCagenda is an open-source event management extension for Joomla, while Balbooa Forms is a popular form builder for Joomla sites. The inclusion of these flaws in the catalog means that they are recognized as actively exploited vulnerabilities, posing a risk to users of these platforms. It's essential for site administrators using these extensions to take immediate action to secure their systems and protect sensitive data. Ignoring these vulnerabilities could lead to unauthorized access or data breaches, affecting both website operators and their users.

Read Original

Zimbra has issued a warning regarding a serious vulnerability in its Classic Web Client that could allow attackers to execute malicious code through specially crafted emails. This vulnerability falls under the category of stored cross-site scripting (XSS) and poses a significant risk as it could enable unauthorized actions within a user's session. While the flaw has not yet been assigned a CVE identifier, Zimbra is urging all customers to implement the necessary updates to mitigate this risk. The potential for arbitrary code execution raises alarms about data security and user safety, making it crucial for affected users to take prompt action. Companies that rely on Zimbra for email services should prioritize applying the updates to protect their systems from potential exploitation.

Read Original

Zimbra has identified a serious cross-site scripting (XSS) vulnerability in the Classic Web Client of its Collaboration suite, which is widely used by various organizations, including businesses and government entities. The flaw currently does not have a Common Vulnerabilities and Exposures (CVE) ID, making it crucial for users to take immediate action to protect their systems. This vulnerability could allow attackers to execute scripts in the context of a user's browser, potentially leading to data theft or other malicious activity. Organizations relying on Zimbra should prioritize patching this vulnerability to safeguard their information and maintain the integrity of their communications. Without a fix, they remain at risk of exploitation.

Read Original

A long-standing vulnerability in the Squid proxy server, known as 'Squidbleed,' has been identified, which can potentially leak sensitive HTTP requests. This bug has been present for 29 years, raising concerns about the security of systems still using affected versions of the Squid software. Administrators of web servers and proxies that rely on Squid need to take immediate action to mitigate any risks associated with this vulnerability. Researchers have flagged the issue as significant, given the age of the flaw and its potential impact on data security. Users of Squid should verify their software versions and apply necessary updates to protect against possible exploitation.

Read Original

Zimbra has issued a warning regarding a serious stored cross-site scripting (XSS) vulnerability in its Classic Web Client, which is commonly used for accessing Zimbra Collaboration. This flaw allows attackers to execute malicious code when users open compromised emails. The company has released version 10.1.19 to address this vulnerability, which currently does not have a CVE ID. Users of the Classic Web Client should update to this latest version as soon as possible to safeguard their mailboxes from potential exploitation. This incident emphasizes the need for prompt software updates to protect sensitive information from cyber threats.

Read Original

Researchers at Binarly have identified six new vulnerabilities in U-Boot, the bootloader responsible for starting various hardware devices, including routers and smart cameras. Four of these flaws can cause devices to crash, while two others could allow attackers to execute their own code by presenting a malicious image to the bootloader. This is particularly concerning as U-Boot is widely used across many platforms, making a large number of devices potentially vulnerable. If exploited, these vulnerabilities could lead to unauthorized access and control over affected systems before they even fully boot up. Users and manufacturers need to be aware of these vulnerabilities to ensure their devices remain secure.

Read Original
Actively Exploited

Hackers are exploiting a serious vulnerability in the official Docker image for Gitea, a self-hosted Git service. This flaw allows attackers to bypass authentication and impersonate any user, including those with administrative privileges. As a result, unauthorized individuals could gain access to sensitive repositories and potentially compromise projects hosted on Gitea. This situation poses a significant risk for organizations using the affected Docker image, as it could lead to data breaches or loss of intellectual property. Users and companies are urged to take immediate action to secure their installations and prevent exploitation.

Read Original

Researchers from Ledger's Donjon security team have discovered a significant vulnerability in Tangem crypto wallet cards. By using a precisely timed laser pulse directed at the chip inside the card, an attacker can reset the wallet's password to a new one of their choosing. This means that once the password is changed, the attacker gains full control over the wallet and can transfer any cryptocurrency stored on it. While this poses a serious risk, it's important to note that the attack requires specialized equipment and expertise, so it may not be an immediate concern for most users. Nonetheless, it raises questions about the security of hardware wallets, especially those that cannot be patched or updated to fix this flaw.

Read Original

Researchers at the AI Now Institute have created a proof-of-concept exploit that demonstrates how popular AI tools designed for security could be misused to launch cyber-attacks. These tools, often employed to enhance cybersecurity measures, might inadvertently provide attackers with new methods to bypass defenses. The study raises concerns about the dual-use nature of artificial intelligence in cybersecurity, where the same technologies that protect systems can also be exploited for malicious purposes. This finding is significant as it highlights the need for developers and companies to consider the potential for misuse when creating and implementing AI security tools. As AI continues to integrate into security practices, awareness and proactive measures are crucial to prevent potential exploitation.

Read Original
Actively Exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. The vulnerabilities are CVE-2026-48939 and CVE-2026-56291, both linked to unrestricted file uploads in iCagenda and Balbooa Forms, respectively. These types of vulnerabilities allow attackers to upload potentially harmful files, posing a serious risk to federal agencies and other organizations. CISA's Binding Operational Directive 26-04 emphasizes the need for federal agencies to prioritize the remediation of these high-risk vulnerabilities swiftly. While the directive specifically targets federal entities, CISA encourages all organizations to adopt similar risk-based strategies for vulnerability management.

Read Original
PreviousPage 3 of 62Next