The popular continuous-delivery platform has a path-traversal bug (CVE-2022-24348) that could allow cyberattackers to hop from one application ecosystem to another.
Threatpost
Posts tagged "opens"
Box 2FA Bypass Opens User Accounts to Attack
A security bug in the file-sharing cloud app could have allowed attackers using stolen credentials to skate by one-time SMS code verification requirements.
Threatpost
Critical ManageEngine Desktop Server Bug Opens Orgs to Malware
Zoho’s comprehensive endpoint-management platform suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution.
Threatpost
Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft
Most Windows versions are at risk of remote, unprivileged attackers abusing RDP from the inside to hijack smart cards and get unauthorized file system access.
Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover
ESXi version 7 users are still waiting for a full fix for a high-severity heap-overflow security vulnerability, but Cloud Foundation, Fusion and Workstation users can go ahead and patch.
Threatpost
Planned Parenthood Breach Opens Patients to Follow-On Attacks
Cyberattackers made off with addresses, insurance information, dates of birth, and most worryingly, clinical information, such as diagnosis, procedures, and/or prescription information.
Threatpost
Wormable Windows Bug Opens Door to DoS, RCE
Microsoft’s May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities.
Threatpost
Vulnerable WordPress plugin opens door to millions of attacks
A massive ongoing campaign is hunting for websites running vulnerable WordPress addons.