Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Making Choices that Lead to Stronger Vulnerability Management

The threat environment will continue to grow in complexity. Now is the time for organizations to streamline how they manage and mitigate overlooked vulnerabilities.

DARKReading
Open in Source
#sql#vulnerability#mac#windows#microsoft#intel#auth#zero_day
Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR

Kiuwan SAST versions prior to 2.8.2402.3, Kiuwan Local Analyzer versions prior to master.1808.p685.q13371, and Kiuwan SaaS versions prior to 2024-02-05 suffer from XML external entity injection, cross site scripting, insecure direct object reference, and various other vulnerabilities.

SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure

SEH utnserver Pro/ProMAX and INU-100 version 20.1.22 suffers from cross site scripting, denial of service, and file disclosure vulnerabilities.

Hardwear.io NL 2024 Call For Papers

The call for papers for Hardwear.io 2024 in the Netherlands is now open. It will take place October 24th through the 24th, 2024 at the Marriott Hotel, Amsterdam, The Netherlands.

FengOffice 3.11.1.2 SQL Injection

FengOffice version 3.11.1.2 suffers from a remote blind SQL injection vulnerability.

Malicious Node on ComfyUI Steals Data from Crypto, Browser Users

Cryptocurrency users beware: A malicious ComfyUI node steals sensitive data like passwords, crypto wallet addresses, etc. Stay safe…

Using Electronic Health Records (EHRs) for Healthcare Data Extraction

Electronic health records (EHRs) have become crucial tools for storing and managing patient information. These digital records contain…

Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers

Microsoft is warning about the potential abuse of Azure Service Tags by malicious actors to forge requests from a trusted service and get around firewall rules, thereby allowing them to gain unauthorized access to cloud resources. "This case does highlight an inherent risk in using service tags as a single mechanism for vetting incoming network traffic," the Microsoft Security Response Center (

Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia

Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People’s Republic of China (PRC). "The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs," Google Threat Analysis Group (TAG) researcher Billy Leonard said in the company's quarterly bulletin

Governments, Businesses Tighten Cybersecurity Around Hajj Season

While cyberattacks drop slightly during the week of the Islamic pilgrimage, organizations in Saudi Arabia and other countries with large Muslim populations see attacks on the rise.