Content Paint

vulnerabilities

Critical "Gitea" vulnerability exploited

"User access on a Gitea box isn't "a web panel," it's your source code"

Citrix credits JPMorgan, pushes fixes for six ugly NetScaler bugs

watchTowr also credited after letting “our small pets walk across our keyboard, and watching what happens.”

nissan data breach

Bug was exploited as a zero day for two weeks before a patch landed

AWS's latest security tool will prioritise bugs before patching

AWS Continuum promises "machine speed" remediation for the post-Mythos era.

Langflow instances are getting exploited – again

"“These deployments rarely got the hardening a production web app would. They run with default authentication settings and sit on public IPs because someone needed to demo a flow to a stakeholder..."

Defender under attack, "HTTP/2 Bomb" - and other record Patch Tuesday notes

Plus a fresh exploit from Nightmare Eclypse.

Microsoft looks to turn down  temperature amid ongoing "Nightmare Eclipse" spat

"To be clear about our approach to legal matters, we have no intention to pursue action against individuals conducting or publishing their security research."

Microsoft stirs a hornets nest over “criminal” zero day disclosure threats

A BitLocker "backdoor" remains unpatched, whilst "RedSun", "UnDefend, "BlueHammer" get exploited in the wild.

Over 10 threat groups are now feasting on your Cisco SD-WAN

The latest open door? A CVSS 10 authentication bypass, for network on a plate

Search the site

Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.