February 12, 2024 at 09:08AM Recent critical security issues continue to emerge from both vendors, with a brand-new vulnerability being exploited in the wild. This adds to the existing stream of security concerns within the platforms. It sounds like the meeting notes are highlighting brand-new vulnerabilities from both vendors, with at least one being exploited … Read more
December 22, 2023 at 06:45AM CISA released advisories for ICS vulnerabilities affecting FXC routers and QNAP NVR devices, exploited in the wild. The FXC flaw allows remote code execution via NTP server settings, affecting outlet wall routers in Japan. QNAP’s vulnerability, patched years ago, is being exploited by a Mirai-based malware campaign targeting legacy models. … Read more
October 16, 2023 at 03:13PM A critical vulnerability in Royal Elementor Addons and Templates up to version 1.3.78 is being actively exploited by hackers. The flaw, tracked as CVE-2023-5360, allows unauthenticated attackers to upload arbitrary files and potentially achieve remote code execution, compromising the websites. Two WordPress security firms have reported a significant increase in … Read more
October 10, 2023 at 07:58PM Microsoft has released over 100 security updates, including fixes for two bugs that are already being actively exploited. One of the vulnerabilities, known as Rapid Reset, is an HTTP/2 weakness that has been used since August to launch distributed denial of service (DDoS) attacks. Microsoft WordPad also has an information … Read more