Cyber Kendra

Intel has recently addressed a processor vulnerability called " Downfall ", which has affected several chip models from 2015 onwards.  Thi…

US service provider Maximus , specializing in health and social services, is the latest victim of a critical vulnerability in the MOVEit Transfer pro…

Tavis Ormandy, a researcher with Google Information Security, has discovered a serious silicon-level bug dubbed Zenbleed that can be exploited by ro…

Progress Software, the creators of the renowned MOVEit Transfer, a popular secure file transfer software, has recently identified and patched a criti…

On May 31, 2023, Progress Software Corporation released a security advisory for its MOVEit Transfer application. The advisory centered on a severe SQ…

Progress Software, the creator of the MOVEit Transfer application, has released patches aimed at fixing newly discovered SQL injection vulnerabilitie…

Security researcher, Nagali found a critical account takeover vulnerability in the OpenAI ChatGPT application that allowed an attacker to take over s…

Security researcher from Horizon3's Attack Team has released the technical details and exploit code for VMware vRealize Log Insight appliances. …

After Fortinet issued an emergency patch for critical security vulnerabilities in its FortiOS SSL-VPN product. Now, today Citrix released another em…

On Monday, Fortinet issued an emergency patch for critical security vulnerabilities in its FortiOS SSL-VPN product.  The vulnerability is now tracked…

A security researcher from Google discovered critical remote code execution flaws in the   Visual Studio Code , that allow an attacker to fully take …

Twitter has just fixed the password reset bug that allowed Twitter accounts to stay logged in from multiple devices after a voluntary password reset…

A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference.  The flaw which is identified as CVE-202…

Security researchers discovered a series of vulnerabilities in twenty commonly used Electron applications and gained Remote Code Execution within app…

A couple of researchers from Sapienza University of Rome and Graz University of Technology have discovered a new vulnerability dubbed " ÆPIC Lea…

Check Point Research has identified vulnerabilities in the ALAC format which is used by the largest mobile chip manufacturers, Qualcomm and MediaTek.…

It all started on 9th April, when a Twitter account connected to a group called “BlueHornet” tweeted about an experimental exploit for NGINX 1.18, cl…

VMware released a critical advisory addressing security vulnerabilities found and resolved in VMware’s Workspace ONE Access, VMware Identity Manager…

Update:  Apache Tomcat releases versions 10.0.20, 9.0.62, and 8.5.78 as part of the mitigation effort. Manual Workarounds for Apache Tomcat upgrade…

Update as of 31st March: Spring has Confirmed the RCE in Spring Framework . The team has just published the statement along with the mitigation guide…