Our news

Qualys said the vuln gives any local user root access to systems running the most popular version of Sudo.

READ MORE →

Researchers publicly disclosed flaws in ADT’s LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more.

READ MORE →

An anonymous researcher identified bugs in the software’s kernel and WebKit browser engine that are likely part of an exploit chain.

READ MORE →

Original release date: January 26, 2021 The Federal Trade Commission (FTC) has released information on scammers attempting to impersonate the FTC. The scammers operate an FTC-spoofed website that claims to provide instant cash payments and tries to trick consumers into disclosing their financial information. The real FTC does not require such information and scammers can…

READ MORE →

An unmonitored account belonging to a deceased employee allowed Nefilim to exfiltrate data and infiltrate systems for a month, without being noticed.

READ MORE →

If exploited, the most serious of these flaws could lead to a denial-of-service condition for Jetson products.

READ MORE →

Hackers masquerade as security researchers to befriend analysts and eventually infect fully patched systems at multiple firms with a malicious backdoor.

READ MORE →

A security flaw in TikTok could have allowed attackers to query query the platform’s database – potentially opening up for privacy violations.

READ MORE →

The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks.

READ MORE →

Original release date: January 25, 2021 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor —…

READ MORE →