High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices
A set of six high-severity firmware vulnerabilities impacting a broad range of HP Enterprise devices are still waiting to be patched, although some of them were publicly disclosed since July [...]
Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts
A zero-day flaw in a WordPress plugin known as BackupBuddy is being actively exploited, WordPress safety firm Wordfence has disclosed. BackupBuddy The BackupBuddy vulnerability impacts versions 8.5.8.0 through 8.7.4.1 and is under attack [...]
North Korean Lazarus hackers take aim at U.S. energy providers
The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada [...]
Cisco Released Patches for Vulnerabilities Affecting Several Products
Cisco has released updates to address vulnerabilities affecting multiple products. The vulnerability, identified as CVE-2022-28199 (CVSS 8.6), is due to improper error handling in the network stack of DPDK, which enables a remote attacker to cause [...]
The North Face Warns of Major Credential Stuffing Campaign
Outdoor clothing giant The North Face has notified customers that their account may have been compromised, after noticing unusual activity on its website last month. It detected the credential stuffing attack on [...]
Get Social