Skip to content
software vulnerability Page 71

software vulnerability

6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits

6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits

Aug 07, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have disclosed multiple security flaws in video surveillance products from Axis Communications that, if successfully exploited, could expose them to takeover attacks. “The attack results in… 

Read More »6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits
SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

Aug 07, 2025Ravie LakshmananNetwork Security / Vulnerability SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL VPN enabled is related to an older, now-patched bug and… 

Read More »SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day
How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

Aug 07, 2025The Hacker NewsDevSecOps / Supply Chain Security Python is everywhere in modern software. From machine learning models to production microservices, chances are your code—and your business—depends on Python packages you didn’t write. But… 

Read More »How to Stop Python Supply Chain Attacks—and the Expert Tools You Need
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Aug 06, 2025Ravie LakshmananDevOps / Container Security Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive… 

Read More »Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google’s official app storefronts under the guise of seemingly useful applications. These… 

Read More »Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals

AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals

Aug 06, 2025The Hacker NewsCompliance / Security Operations As the volume and sophistication of cyber threats and risks grow, cybersecurity has become mission-critical for businesses of all sizes. To address this shift, SMBs have been… 

Read More »AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals
Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools

Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools

Aug 06, 2025Ravie LakshmananArtificial Intelligence / Threat Detection Microsoft on Tuesday announced an autonomous artificial intelligence (AI) agent that can analyze and classify software without assistance in an effort to advance malware detection efforts. The… 

Read More »Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools
Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems

Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems

Aug 06, 2025Ravie LakshmananVulnerability / Endpoint Security Trend Micro has released mitigations to address critical security flaws in on-premise versions of Apex One Management Console that it said have been exploited in the wild. The… 

Read More »Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems
CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures

CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures

Aug 06, 2025Ravie LakshmananCyber Espionage / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the defense forces, and… 

Read More »CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures