You can now find Cyber Kendra on Google News!

Vulnerability

New HTTP/2 Vulnerability Poses Severe Threat to Server Availability

A recently discovered class of vulnerabilities within numerous HTTP/2 protocol implementations, dubbed the "CONTINUATION Flood," has been f…

GoFetch Flaw Exposes Cryptographic Key Leakage Risk in Apple's M-Series Chips

A team of academic researchers has uncovered a concerning vulnerability affecting Apple's M-series chips that could allow attackers to extract en…

Critical Security Flaws Discovered in OpenMetadata Platform

Security researcher Alvaro Muñoz of the GHSL team has uncovered multiple critical vulnerabilities in OpenMetadata, an open-source metadata management…

Ivanti Discloses Critical RCE Flaw in Standalone Sentry, Urges Immediate Patching

Ivanti has disclosed a critical remote code execution vulnerability in its Standalone Sentry software and is strongly urging customers to apply patch…

ConnectWise Issues Critical Security Advisory for ScreenConnect Product

ConnectWise has released a critical security advisory for its popular remote access and support tool ScreenConnect. The advisory addresses two vulne…

Zoom Fix Critical Windows Flaw and Six Other Bugs [Update Now]

Video conferencing provider Zoom has released security updates to address seven vulnerabilities impacting its Windows, macOS, Linux, Android and iOS …

Sonicwall Patch Authentication Bypass Flaw in SonicOS SSL VPN

After Fortinet and Ivanti now Sonicwall has released the security update for its SonicOS SSL VPN.  A recently disclosed vulnerability in Sonicwall&#…

Jenkins Patch Critical CLI File Read Vulnerability Lead to RCE

The Jenkins project has released new versions of Jenkins core and several plugins to address multiple security vulnerabilities, including some that c…

Critical Authentication Bypass Discovered in Fortra GoAnywhere MFT - Exploit Released

A critical Authentication Bypass vulnerability has been uncovered in Fortra's popular GoAnywhere Managed File Transfer (MFT) software that could …

Spring Framework Fixes Severe DoS Vulnerability in Latest Releases

A severe vulnerability has been discovered in the popular Java framework Spring that could allow denial-of-service (DoS) attacks. The vulnerability, …

New 'PixieFail' Vulnerabilities in UEFI Firmware Threaten Enterprise Systems

A team of security researchers at Quarkslab have discovered a series of critical vulnerabilities affecting EDK II, the open source reference implemen…

New Critical Opera Browser Vulnerability Puts Millions of Users at Risk

A critical vulnerability has been discovered in the popular Opera web browser that could allow remote code execution on both Windows and Mac operatin…

Critical Ivanti Zero-Day Vulnerabilities Under Active Exploitation

In a recent disclosure by Ivanti, a leading IT service management solutions provider, two zero-day vulnerabilities in their products have been active…

New Security Flaws Uncovered in SSH Protocol

A team of researchers from Ruhr University Bochum in Germany have uncovered new security vulnerabilities in the Secure Shell (SSH) protocol that coul…

Barracuda Patches Actively Exploited Flaw Used by Chinese APT

Barracuda has disclosed a critical vulnerability in its Email Security Gateway (ESG) appliances that has been actively exploited by a Chinese state-s…

New 'Mayhem' Attack Bypasses Security in OpenSSH, OpenSSL and MySQL via Fault Injection

A new paper titled " Mayhem: Targeted Corruption of Register and Stack Variables " reveals a critical security vulnerability that could all…

Critical OpenSSH Flaw Could Allow Remote Code Execution

A high-severity vulnerability has been discovered in OpenSSH that could potentially be exploited by an attacker to execute arbitrary commands on a ta…

CacheWarp - New Vulnerability Breaks Integrity of AMD SEV

Researchers from CISPA Helmholtz Center for Information Security have discovered a new software-based fault attack named CacheWarp that breaks the in…

'Reptar' - New Intel CPU Vulnerability Discovered by Google

A Google security researcher has uncovered a new CPU vulnerability impacting Intel desktop, mobile, and server CPUs.  The vulnerability dubbed ' …

AMD Warns of High-Risk Vulnerability in Graphics Drivers

The processor manufacturer AMD has disclosed a high-risk security vulnerability affecting certain graphics drivers for Radeon graphics chips.  The vu…