Devices exposed to remote hacking via Erlang/OTP SSH vulnerability
Erlang/OTP's SSH implementation has a critical vulnerability allowing remote code execution without authentication, requiring urgent attention and action from security teams.
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
A critical vulnerability in Apache Tomcat enables remote code execution and information disclosure, with active exploitation noted shortly after its disclosure.
Devices exposed to remote hacking via Erlang/OTP SSH vulnerability
Erlang/OTP's SSH implementation has a critical vulnerability allowing remote code execution without authentication, requiring urgent attention and action from security teams.
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
A critical vulnerability in Apache Tomcat enables remote code execution and information disclosure, with active exploitation noted shortly after its disclosure.
Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers
"CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS."
Is your Asus router part of a botnet? How to check - and what you can do
Asus routers faced a significant security breach, impacting thousands as cybercriminals exploited vulnerabilities and established persistent backdoors.
Is your Asus router part of a botnet? How to check - and what you can do
Asus routers faced a significant security breach, impacting thousands as cybercriminals exploited vulnerabilities and established persistent backdoors.
Google Chrome hit by another serious security flaw - update your browser ASAP
The NIST page describes it as: "Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page."
AMD releases security update for Ryzen CPUs with TPM vulnerability
The flaw in the CryptHmacSign function enables attackers to read unauthorized data from the TPM, raising security concerns despite AMD’s timely firmware update.