Tag: Vulnerabilities

FortiGuard Lab Research Team, led by Gabby Xiong, Jin Lee, and Amina Qurban, sheds light on a sinister presence within PyPI.

Federal authorities have sounded the alarm on a critical breach involving ScreenConnect, a widely-used remote access tool within the healthcare sector.

Over the past month, members of the Huntr bug bounty platform dedicated to AI and ML have identified multiple severe vulnerabilities in popular solutions.

A Chinese hacking group, UNC3886, has been actively exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since late 2021.

Cybersecurity researchers are issuing a warning about a concerning rise in threat actor activity exploiting a recently patched flaw in Apache ActiveMQ.

This specific vulnerability, labeled CVE-2023-34048, pertains to an out-of-bounds write flaw in VMware vCenter Server's implementation of the DCERPC protocol.

CISA has issued a directive urging federal agencies to address actively exploited zero-day flaws in Ivanti Connect Secure and Ivanti Policy Secure products.

Continuous integration and continuous delivery (CI/CD) misconfigurations in the open-source TensorFlow machine learning framework have been identified.

Connecticut-based startup Kusari has successfully secured $8 million in combined pre-seed and seed funding to bolster its efforts in software supply chain security

PixieFail vulnerabilities has been revealed in the TCP/IP network protocol stack of the Unified Extensible Firmware Interface (UEFI) specification.