Latest News
Backdoor.Win32.Benju.a malware suffers from a remote command execution vulnerability. This is the 700th release of a malvuln finding.
Backdoor.Win32.Prorat.jz malware suffers from a buffer overflow vulnerability.
Backdoor.Win32.Amatu.a malware suffers from a remote arbitrary file write vulnerability.
Backdoor.Win32.Agent.pw malware suffers from a buffer overflow vulnerability.
Backdoor.Win32.Boiling malware suffers from a code execution vulnerability.
### Summary If values passed to a `ColorColumn` or `ColumnEntry` are not valid and contain a specific set of characters, applications are vulnerable to Cross-site Scripting (XSS) attack against a user who opens a page on which a color column or entry is rendered. Versions of Filament from v3.0.0 through v3.2.114 are affected. Please upgrade to Filament [v3.2.115](https://github.com/filamentphp/filament/releases/tag/v3.2.115). ### PoC > *PoC will be published in a few weeks, once developers have had a chance to upgrade their apps.* ### Response This vulnerability (in `ColorColumn` only) was reported by @sv-LayZ, who reported the issue and patched the issue during the evening of 25/09/2024. Thank you Mattis. The review process concluded on 27/09/2024, which revealed the issue was also present in `ColorEntry`. This was fixed the same day and Filament [v3.2.115](https://github.com/filamentphp/filament/releases/tag/v3.2.115) followed. > *An explanation of the fix will be published ...
The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs.
Companies that commit to risk management have a strong cybersecurity foundation that makes it easier to comply with the SEC's rules. Here is what you need to know about 8K and 10K filings.
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.
It is imperative for executives and board members to know who their top allies are, and how to best leverage them to successfully navigate a crisis and minimize the harm caused by a breach.