Security Boulevard3 小时
Tarbomb Denial of Service via Path Traversal
As software applications are built and developed over the years, engineering teams continuously shift perspective on what features to prioritize or de-prioritize. A feature developed five years ago ...
Blue Yonder investigating Clop ransomware threat linked to exploited Cleo CVEs
The financially-motivated hacker was previously linked to the mass exploitation of critical vulnerabilities in MOVEit ...
CSOonline1 个月
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.
Another top WordPress plugin found carrying critical security flaws
A popular WordPress plugin was found carrying two critical vulnerabilities that allow threat actors to upload files, tamper ...
Infosecurity-magazine.com8 天
Fancy Product Designer Plugin Flaws Expose WordPress Sites
Critical Fancy Product Designer plugin flaws risk remote code execution and SQL injection attacks on WordPress sites ...
TechRadar1 个月
Top file-sharing tools are being hit by security attacks once again
Cybersecurity researchers at Huntress have claimed LexiCom, VLTransfer, and Harmony were all vulnerable to CVE-2024-50623, an unrestricted file upload and download vulnerability that could lead to ...
Unpatched critical flaws impact Fancy Product Designer WordPress plugin
Premium WordPress plugin Fancy Product Designer from Radykal is vulnerable to two critical severity flaws that remain unfixed ...