On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
Intruder built an AI-powered "vulnerability vending machine" that combines code slicing with LLMs to automatically discover ...
Broadcom warns of an SQL injection vulnerability in VMware Avi Load Balancer. Attackers can gain unauthorized access to the database. "Malicious users with network access can send specially crafted ...
A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...
A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...
On the April Patchday, SAP addresses vulnerabilities with 19 security notes. One critical vulnerability allows the injection of SQL commands. On the April Patchday, SAP addresses vulnerabilities in ...
The Honeynet Project, a non-profit organization that develops open-source security research tools, has created a component for the Glastopf Web application honeypot software that can emulate ...