Content Paint
Search
Sign in
Membership

vulnerabilities

Security  | Oct 31, 2023
Citrix Bleed: Two ransomware groups now exploiting bug for initial access
Citrix Bleed: Two ransomware groups now exploiting bug for initial access

Here's what you need to do to reduce the threat posed by CVE-2023-4966. But don't delay.

Security  | Oct 27, 2023
Zero day in free Roundcube webmail service exploited to target governments
Zero day in free Roundcube webmail service exploited to target governments

Despite the low sophistication of the group’s toolset, it is a threat to governments in Europe because... a significant number of internet-facing applications are not regularly updated although they are known to contain vulnerabilities.”

Security  | Oct 17, 2023
CVSS 10 Cisco bug is getting exploited, has no patch
CVSS 10 Cisco bug is getting exploited, has no patch

"We have also seen devices... getting the implant successfully installed through an as of yet undetermined mechanism."

 |  Software  | Oct 11, 2023
Patch Tuesday is 20: Curl fix lands, Skype’s under attack and there’s a wormable pre-auth RCE in the mix
Patch Tuesday is 20: Curl fix lands, Skype’s under attack and there’s a wormable pre-auth RCE in the mix

A CVSS 9.8, pre-auth RCE that lets an attacker execute arbitrary code without user interaction is wormable on systems where Message Queuing is enabled.

 |  Security  | Oct 03, 2023
Buffer overflow bug gives root on potentially millions of Linux boxes
Buffer overflow bug gives root on potentially millions of Linux boxes

Do you, or do you not, need to get your knickers in a twist? Well, that depends on your risk tolerance..

Security  | Sep 01, 2023
Academics warn over "problematic metrics and documentation" in CVSS system
Academics warn over "problematic metrics and documentation" in CVSS system

A study out of Germany has highlighted shortcomings in the CVSS system and the way security vulnerabilities are assessed and scored

News  | Aug 31, 2023
Subdomain hijacking holes run rampant, say experts
Subdomain hijacking holes run rampant, say experts

The little-known hacking technique of subdomain hijacking is threatening thousands of sites and their visitors despite efforts to eradicate

 |  Security  | Aug 22, 2023
Adobe patch nightmare: Trio of application server vulnerabilities being exploited
Adobe ColdFusion vulnerabilities exploited CVE-2023-26359

Want to let criminals “query your databases, add/change/delete files, export data or files off your server”? No, then you should probably be paying close attention to whether you are running Adobe ColdFusion and if you are exposed...

News  | Aug 22, 2023
MobileIron under active attack, admins warned to update
MobileIron under active attack, admins warned to update

Ivanti is warning of attacks on its MobileIron platform due to improper handling of APIs

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2026 The Stack
©  2026 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.