Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Single HTTP Request Can Exploit 6M WordPress Sites

The popular LiteSpeed Cache plug-in is vulnerable to unauthenticated privilege escalation via a dangerous XSS flaw.

DARKReading
Open in Source
#xss#vulnerability#web#cisco#git#wordpress#auth
THN Cybersecurity Recap: Top Threats and Trends (Sep 30 - Oct 6)

Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! ⚡ Threat of the Week Double Trouble: Evil Corp & LockBit Fall: A consortium of international law enforcement agencies took steps to arrest four

Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection

Google has announced that it's piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection feature aims to keep users safe when they attempt to install malicious apps from sources other than the Google Play Store, such as web browsers, messaging apps,

E.U. Court Limits Meta's Use of Personal Facebook Data for Targeted Ads

Europe's top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region. "An online social network such as Facebook cannot use all of the personal data

Solving the Puzzle of RBAC with Red Hat Customer Portal

You've just created a Red Hat Customer Portal account to provision a Red Hat OpenShift cluster. If you're new to Red Hat Customer Portal, then you probably have a lot of questions, like what other Red Hat portals do you have access to? How do you manage your registered clusters? What exactly is an Organization Administrator? Are there other team members who need privileged access? In this blog, we address all of these questions, and more, to help you navigate the Red Hat Customer Portal and its role-based access control (RBAC) system, and how it all connects to the Red Hat Hybrid Cloud Console

Dutch Police Hacked, 63,000 Officers’ Details Exposed

A foreign government is believed to have hacked into the Dutch police force’s systems, exposing the contact details…

The FBI Still Hasn’t Cracked NYC Mayor Eric Adams’ Phone

Plus: Harvard students pack Meta’s smart glasses with privacy-invading face-recognition tech, Microsoft and the DOJ seize Russian hackers’ domains, and more.

GHSA-jqvm-9xm2-gc38: Mediawiki Cargo extension vulnerable to Cross-site Scripting

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1.

ABB Cylon Aspect 3.07.02 Authenticated File Disclosure

ABB Cylon Aspect version 3.07.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the downloadDb.php script is not properly verified before being used to download database files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

Debian Security Advisory 5783-1

Debian Linux Security Advisory 5783-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.