#windows

Talos researchers have disclosed three vulnerabilities in OpenPLC, a popular open-source programmable logic controller.

DragonForce ransomware is expanding its RaaS operation and becoming a global cybersecurity threat against businesses. Companies must implement…

Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard set of features commonly found in penetration testing tools and its developer created it using the Rust programming language," Unit 42's Dominik

Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They include - Wuta Camera - Nice Shot Always (com.benqu.wuta) - 10+ million

Elaine's Realtime CRM Automation version 6.18.17 suffers from a cross site scripting vulnerability.

PHP ACRSS version 1.0 suffers from a cross site request forgery vulnerability.

Reservation Management System version 1.0 suffers from a backup disclosure vulnerability.

Rail Pass Management System version 1.0 suffers from an ignored default credential vulnerability.

PreSchool Enrollment System version 1.0 suffers from an ignored default credential vulnerability.

PHP SPM version 1.0 suffers from a cross site request forgery vulnerability.