China hacks the US military and government— the Feds blame Microsoft
Hidden in the basic infrastructure that runs the US military is a powerful piece of Windows-borne Chinese malware...
Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks
An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat...
Hozier would consider strike over AI threat to music
The musician says he is not sure music made by artificial intelligence meets “the definition of art”. Source::...
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage...
ClamAV HFS+ File Scanning Infinite Loop Denial of Service Vulnerability
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an...
ClamAV AutoIt Module Denial of Service Vulnerability
A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial...
Cisco Unified Contact Center Express Finesse Portal Web Cache Poisoning Vulnerability
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated,...
Cisco Unified Communications Products Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session...
Cisco Unified Communications Manager SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications...
Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability
A vulnerability in the remote support feature of Cisco Umbrella Virtual Appliance could allow an authenticated, remote attacker...
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated,...
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated,...
Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM)...
Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM)...
Cisco Intersight Virtual Appliance Unauthenticated Port Forwarding Vulnerability
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services...
Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands...
Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote...
Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote...
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform...
Cisco Expressway Series and Cisco TelePresence Video Communication Server Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS)...