bug

  • Blog
    digitpatrox1 day ago
    16

    Windows 10 KB5046714 update fixes bug preventing app uninstalls

    Microsoft has released the optional KB5046714 Preview cumulative update for Windows 10 22H2 with six bug fixes, including a fix for a bug preventing users from uninstalling or updating packaged applications. The KB5046714 cumulative update preview is part of Microsoft’s “optional non-security preview updates” schedule, typically released at the end of every month. This update allows Windows admins to test…

    Read More »
  • Blog
    digitpatrox5 days ago
    17

    Critical RCE bug in VMware vCenter Server now exploited in attacks

    ​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. TZL security researchers reported the RCE vulnerability (CVE-2024-38812) during China’s 2024 Matrix Cup hacking contest. It is caused by a heap overflow weakness in the vCenter’s DCE/RPC protocol implementation and affects products containing vCenter, including VMware vSphere…

    Read More »
  • Blog
    digitpatrox1 week ago
    16

    Critical bug in EoL D-Link NAS devices now exploited in attacks

    ​Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-10914, the command injection vulnerability was found by security researcher Netsecfish, who also shared exploitation details and said that unauthenticated attackers could exploit it to inject arbitrary shell commands by sending malicious HTTP GET requests…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    25

    D-Link won’t fix critical bug in 60,000 exposed EoL modems

    Tens of thousands of exposed D-Link routers that have reached their end-of-life are vulnerable to a critical security issue that allows an unauthenticated remote attacker to change any user’s password and take complete control of the device. The vulnerability was discovered in the D-Link DSL6740C modem by security researcher Chaio-Lin Yu (Steven Meow), who reported it to Taiwan’s computer and response center (TWCERTCC).…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    28

    Critical Veeam RCE bug now used in Frag ransomware attacks

    After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware. Code White security researcher Florian Hauser found that the vulnerability (tracked as CVE-2024-40711) is caused by a deserialization of untrusted data weakness that unauthenticated threat actors can exploit to gain remote code execution (RCE)…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    27

    CISA warns of critical Palo Alto Networks bug exploited in attacks

    Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS. This security flaw, tracked as CVE-2024-5910, was patched in July, and threat actors can remotely exploit it to reset application admin credentials on Internet-exposed Expedition servers. “Palo Alto Expedition contains…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    19

    Here’s How to Fix the Bug Causing iPhone Notes to Disappear

    Halloween might be over, but the scares just keep coming for some iPhone users, who’ve stumbled across a pretty concerning bug after accepting the updated iCloud Terms and Conditions. Those affected have reported on social media that they’ve lost all files saved in their Notes app, and for very good reason, they’ve been looking for answers. If you’re like me,…

    Read More »
  • Blog
    digitpatrox2 weeks ago
    29

    Cisco bug lets hackers run commands as root on UWRB access points

    Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivity for industrial wireless automation. Tracked as CVE-2024-20418, this security flaw was found in Cisco’s Unified Industrial Wireless Software’s web-based management interface. Unauthenticated threat actors can exploit it in low-complexity command injection attacks that…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    20

    Google’s Big Sleep AI model just found a zero-day vulnerability in the wild — but don’t hold your breath for game-changing AI bug hunting tools any time soon

    Google has claimed a vulnerability flagged by its Big Sleep AI model represents the first time an AI tool has found an unknown bug in the wild. Google clarified that this is the first time such a system has detected a memory-safety bug, acknowledging other AI tools have discovered different types of vulnerabilities before. “We believe this is the first…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    34

    Microsoft SharePoint RCE bug exploited to breach corporate network

    A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. CVE-2024-38094 is a high-severity (CVSS v3.1 score: 7.2) RCE flaw impacting Microsoft SharePoint, a widely used web-based platform functioning as an intranet, document management, and collaboration tool that can seamlessly integrate with Microsoft 365 apps. Microsoft fixed…

    Read More »
Load More
Back to top button
close