Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Vulnerability
New Security Flaws in Apple Chips Could Expose Sensitive Browser Data

New Security Flaws in Apple Chips Could Expose Sensitive Browser Data

Security researchers from Georgia Tech and Ruhr University Bochum have uncovered two significant vulnerabilities in Apple's latest processors tha…
Coolify Hit by Three RCE Flaws with Maximum CVSS Score

Coolify Hit by Three RCE Flaws with Maximum CVSS Score

Security researchers have uncovered three critical vulnerabilities in Coolify, the open-source platform used for managing servers, applications, and …
Critical Vulnerability in SonicWall SMA1000 Devices Actively Exploited

Critical Vulnerability in SonicWall SMA1000 Devices Actively Exploited

SonicWall has issued an urgent security advisory for a critical vulnerability affecting its SMA1000 series appliances, which is actively being explo…
Cookie Sandwich - New Attack Steals HttpOnly Cookies

Cookie Sandwich - New Attack Steals HttpOnly Cookies

A concerning new web security vulnerability dubbed " Cookie Sandwich " has been discovered that allows attackers to bypass HttpOnly cookie …
Critical 7-Zip Vulnerability Bypasses Windows Security

Critical 7-Zip Vulnerability Bypasses Windows Security

A high-severity vulnerability has been discovered in the popular file compression tool 7-Zip, potentially enabling attackers to bypass crucial Window…
Critical Vulnerabilities Discovered in SimpleHelp Remote Support Software

Critical Vulnerabilities Discovered in SimpleHelp Remote Support Software

Security researchers at Horizon3.ai have uncovered three critical vulnerabilities in SimpleHelp, a remote support software solution used globally. T…
Critical Auth Bypass Vulnerability in Fortinet Products Actively Exploited

Critical Auth Bypass Vulnerability in Fortinet Products Actively Exploited

Fortinet has disclosed a critical authentication bypass vulnerability ( CVE-2024-55591 ) affecting FortiOS and FortiProxy products that allow remote …
WorstFit - Critical Vulnerability Discovered in Windows Charset Conversion

WorstFit - Critical Vulnerability Discovered in Windows Charset Conversion

Security researchers Orange Tsai and Splitline Huang have discovered a significant vulnerability in Windows systems that could allow attackers to by…
Ivanti Connect Secure VPN Targeted in New Zero-Day

Ivanti Connect Secure VPN Targeted in New Zero-Day

Ivanti has released an urgent security update addressing two significant vulnerabilities affecting its Connect Secure, Policy Secure, and Neurons for…
Signature Verification Bypass Discovered in Nuclei Vulnerability Scanner

Signature Verification Bypass Discovered in Nuclei Vulnerability Scanner

Security researchers at Wiz have uncovered a significant vulnerability in Nuclei, a widely-used open-source security scanning tool, that could allow …
Alleged 7-Zip Zero-Day Vulnerability Claims Disputed by Developer

Alleged 7-Zip Zero-Day Vulnerability Claims Disputed by Developer

A recent claim of a zero-day vulnerability in the popular file compression software 7-Zip has been disputed by the program's developer, raising q…
Apache Patches Critical Remote Code Execution Vulnerability in Tomcat

Apache Patches Critical Remote Code Execution Vulnerability in Tomcat

The Apache Software Foundation has issued an urgent security advisory regarding a critical remote code execution (RCE) vulnerability in Apache Tomcat…
Vulnerability in Spring Boot Actuator Exposes Cloud Environments

Vulnerability in Spring Boot Actuator Exposes Cloud Environments

A new research report from Wiz Threat Research has uncovered widespread security risks in Spring Boot Actuator implementations, affecting numerous cl…
Critical 7-Zip Vulnerability Could Allow Remote Code Execution Through Malicious Archives

Critical 7-Zip Vulnerability Could Allow Remote Code Execution Through Malicious Archives

A critical security vulnerability has been discovered in 7-Zip, the popular file compression utility, potentially allowing attackers to execute malic…
Critical Vulnerability in Arc Browser's Legacy Boost Feature Patched

Critical Vulnerability in Arc Browser's Legacy Boost Feature Patched

A security researcher identified a significant vulnerability in the Arc browser that could have allowed attackers to gain write access to a user'…
Citrix Patches Unauthenticated RCE Flaw in Virtual Apps and Desktops

Citrix Patches Unauthenticated RCE Flaw in Virtual Apps and Desktops

Citrix has released security updates to address two vulnerabilities in its Virtual Apps and Desktops Session Recording feature that could allow attac…
Okta Patches Critical Authentication Bypass in AD/LDAP Integration

Okta Patches Critical Authentication Bypass in AD/LDAP Integration

Okta has patched a critical vulnerability in its AD/LDAP Delegated Authentication system that could allow unauthorized access to accounts with usern…
Research Exposes Cryptographic Vulnerabilities in E2EE Cloud Storage Systems

Research Exposes Cryptographic Vulnerabilities in E2EE Cloud Storage Systems

Researchers from ETH Zurich, Jonas Hofmann and Kien Tuong Truong uncovered significant security flaws in five popular end-to-end encrypted (E2EE) clo…
Palo Alto Networks Warns of Firewall Hijack Flaw

Palo Alto Networks Warns of Firewall Hijack Flaw

Palo Alto Networks has disclosed multiple critical vulnerabilities in its Expedition tool that could allow attackers to hijack PAN-OS firewalls. Acco…
Arc Browser Patched Critical No User Interaction Flaw - Update Now!

Arc Browser Patched Critical No User Interaction Flaw - Update Now!

A significant vulnerability was discovered in the Arc browser, developed by The Browser Company. The flaw, now identified as CVE-2024-45489, potentia…