Tag: vulnerabilities

December 2, 2020

Until May, all Apple iOS devices were vulnerable to a “zero-click exploit” that would have allowed hackers to remotely gain complete control. Using the exploit, attackers would have been able to “view all the photos, read all the email, copy […]

November 18, 2020

Experts at the Wordfence Threat Intelligence team uncovered a large-scale wave of attacks targeting reported Function Injection vulnerabilities in themes using the Epsilon Framework. Below a list of themes and related versions that are vulnerable to the above attacks: Shapely […]

November 17, 2020

Over a year ago Microsoft Patch Tuesday updates for May 2019 addressed nearly 80 vulnerabilities, including the BlueKeep flaw. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that can be exploited by an unauthenticated attacker […]

November 12, 2020

Google has addressed two zero-day vulnerabilities, actively exploited in the wild, with the release of Chrome version 86.0.4240.198. The IT giant has fixed a total of five Chrome zero-day vulnerabilities in only three weeks. Both zero-day flaws, tracked as CVE-2020-16013 […]

November 11, 2020

The Firefox vulnerability, tracked as CVE-2020-26950, has been described as an issue related to write side effects in MCallGetProperty opcode not being accounted for. “In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable […]

November 3, 2020

Adobe has fixed critical-severity flaws tied to four CVEs in the Windows and macOS versions of its Acrobat and Reader family of application software services. The vulnerabilities could be exploited to execute arbitrary code on affected products. These critical flaws […]

November 3, 2020

Google has released Chrome 86.0.4240.183 for Windows, Mac, and Linux that address ten security vulnerabilities including a remote code execution (RCE) zero-day (CVE-2020-16009) exploited by threat actors in the wild. The RCE is an inappropriate implementation in V8, which is […]

October 28, 2020

The line between our personal and professional lives is blurring in an unprecedented fashion as we approach the 2020 presidential election. From Oracle and Walmart’s plans to invest in TikTok to a bug in Joe Biden’s campaign app that exposed […]

October 28, 2020

Thanks to the quick transition to remote work due to the current global pandemic – coupled with cybercriminals’ penchant for taking advantage of fear, uncertainty, and doubt – security researchers have seen a surge in cybersecurity issues. Cybercriminals have been […]

October 14, 2020

Tracked as CVE-2020-16898, the issue is triggered when the TCP/IP stack doesn’t handle ICMPv6 Router Advertisement packets properly. An attacker could send specially crafted ICMPv6 Router Advertisement packets to a remote Windows machine to exploit the flaw and execute arbitrary […]