Category: alerts

These code bombs lurk in the PyPI package repository, waiting to be inadvertently baked into software developers’ applications. Read more

A year-old proof-of-concept attack that allows an attacker to bypass TLS email protections to snoop on messages has been patched. Read more

“No remedy available as of June 21, 2021,” according to the researcher who discovered the easy-to-exploit, no-user-action-required bug. Read more

Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms. Read more

An unsophisticated campaign shows that the pandemic still has long legs when it comes to being social-engineering bait. Read more

… until you reset network settings and stop connecting to a weirdly named network, that is. FUD is spreading. iOS Wi-Fi demolition is not. Read more

Original release date: June 21, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info bloofox — bloofoxcms bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files). 2021-06-16 7.5 CVE-2020-35760 MISC google — android In avrc_msg_cback of avrc_api.cc, there is… Read more

What’s the low-hanging fruit for ransomware attackers? What steps could help to fend them off, and what’s stopping organizations from implementing those steps? Read more

The intro-level networking gear for SMBs could allow remote attacks designed to steal information, drop malware and disrupt operations. Read more

The incident showcases basic steps that organizations can take to protect themselves as ransomware gangs get smarter. Read more