Vulnerability

HTTP/2 'Rapid Reset' Attack Flaw Allows DDoS at Record-Breaking Scale

Cloudflare, Google, and Amazon AWS have publicly disclosed a serious vulnerability in the HTTP/2 web protocol that has been used to conduct record-br…

Critical Vulnerability Disclosed in libcue Library Used by GNOME Desktop

A critical security vulnerability has been disclosed in the open source libcue library, which could enable remote code execution on Linux systems run…

Looney Tunables Flaw in Linux Allows Root Access

Security researchers at Qualys have disclosed a high-severity vulnerability in the GNU C Library (glibc) that could allow local attackers to gain roo…

Six 0day Vulnerabilities Discovered in Exim Mail Server - Update Now!

There was already news about the new critical vulnerabilities reported to the Exim Mail transfer agent, which if exploited successfully, allows remot…

Critical Security Vulnerabilities Discovered in WebKitGTK and WPE WebKit

The WebKitGTK and WPE WebKit projects have disclosed multiple critical security vulnerabilities that affect the open-source web browser engine used i…

Progress Fixes Critical Pre-Auth RCE Flaws in WS_FTP Server

Progress Software Corporation subsidiary Ipswitch has disclosed multiple high severity security flaws affecting WS_FTP Server software on all platf…

New MOVEit Transfer SQL Injection Vulnerabilities Discovered - Patch Now!

Progress Software has released security updates for its MOVEit Transfer file transfer application. The updates fix a couple of SQL injection vulnerab…

Microsoft Uncovered Critical Flaws in Ncurses Library Impacting Linux and macOS

Microsoft researchers have recently discovered a series of critical memory corruption vulnerabilities in ncurses, an open-source library that enable…

Downfall Flaw: New Data Vulnerability in Intel’s Chips

Intel has recently addressed a processor vulnerability called "Downfall", which has affected several chip models from 2015 onwards. Thi…

MOVEit vulnerability: U.S. operation reports data leakage for up to 11 million people

US service provider Maximus, specializing in health and social services, is the latest victim of a critical vulnerability in the MOVEit Transfer pro…

Zenbleed - A Serious Leak Threat to AMD Zen 2 Processors

Tavis Ormandy, a researcher with Google Information Security, has discovered a serious silicon-level bug dubbed Zenbleed that can be exploited by ro…

Another Unauthenticated SQLi Flaw Patched in MOVEit Transfer Software

Progress Software, the creators of the renowned MOVEit Transfer, a popular secure file transfer software, has recently identified and patched a criti…

Exploit Released for Critical MOVEit Transfer RCE Vulnerability

On May 31, 2023, Progress Software Corporation released a security advisory for its MOVEit Transfer application. The advisory centered on a severe SQ…

Multiple SQL Injection Vulnerabilities in MOVEit Transfer with Fresh Security Patches

Progress Software, the creator of the MOVEit Transfer application, has released patches aimed at fixing newly discovered SQL injection vulnerabilitie…

OpenAI Fixed Account Takeover Bug in ChatGPT

Security researcher Nagali found a critical account takeover vulnerability in the OpenAI ChatGPT application that allowed an attacker to take over s…

PoC Exploit Released for VMware RCE Bug

Security researcher from Horizon3's Attack Team has released the technical details and exploit code for VMware vRealize Log Insight appliances. …

Citrix Warns for New Zeroday Vulnerability Exploited in Wild

After Fortinet issued an emergency patch for critical security vulnerabilities in its FortiOS SSL-VPN product, Citrix today released another em…

Fortinet Warns for New Pre-auth RCE Vulnerability Exploited in Wild

On Monday, Fortinet issued an emergency patch for critical security vulnerabilities in its FortiOS SSL-VPN product. The vulnerability is now tracked…

Google Researcher Found Critical RCE in Visual Studio Code

A security researcher from Google discovered critical remote code execution flaws in Visual Studio Code that allow an attacker to fully take …

Twitter Fix Session Validation Bug on Password Reset

Twitter has just fixed the password reset bug that allowed Twitter accounts to stay logged in from multiple devices after a voluntary password reset…