Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

GHSA-chgm-7r52-whjj: Hashicorp Consul Path Traversal vulnerability

A vulnerability was identified in Consul and Consul Enterprise ("Consul") such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.

ghsa
#vulnerability#web#auth
White House Outlines AI's Role in National Security

A national security memorandum on artificial intelligence tasks various federal agencies with securing the AI supply chain from potential cyberattacks and disseminating timely threat information about them.

'Midnight Blizzard' Targets Networks With Signed RDP Files

The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering operation.

GHSA-pjhx-j53p-c5f5: ThinkPHP deserialization vulnerability

A deserialization vulnerability in the component \controller\Index.php of Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.

Fake Meta Ads Hijacking Facebook Accounts to Spread SYS01 Infostealer

A malvertising campaign is exploiting Meta’s platform to spread SYS01 infostealer, targeting men 45+ via fake ads for…

Russian Cozy Bear Hackers Phish Critical Sectors with Microsoft, AWS Lures

Russian state-sponsored hackers Cozy Bear are targeting over 100 organizations globally with a new phishing campaign. This sophisticated…

Cybersecurity Training Resources Often Limited to Developers

With a lack of cybersecurity awareness training resources for all employees, organizations are more susceptible to being breached or falling short when it comes to preventing threats.