Researchers demonstrated a 1-click exploit for Atlassian's project and #software development platform that could potentially be exploited to take over an account and control apps connected via SSO functionality.
Read: https://thehackernews.com/2021/06/one-click-exploit-could-have-let.html
A critical vulnerability in Mozilla's cross-platform Network Security Services (NSS) cryptographic library potentially affects a number of #software products, including email clients and PDF viewers, such as Thunderbird, LibreOffice, and Evolution.
Details: https://thehackernews.com/2021/12/critical-bug-in-mozillas-nss-crypto.html
Multiple critical vulnerabilities have been discovered in Moxa MXview web-based industrial network management #software, some of which could be exploited by an unauthenticated attacker to execute remote code on unpatched servers.
Read: https://thehackernews.com/2022/02/critical-security-flaws-reported-in.html
A Google security researcher has discovered a new set of vulnerabilities in Zoom video conferencing #software that could allow attackers to hack into victims' systems simply by sending them malicious messages over the XMPP protocol.
Read: https://thehackernews.com/2022/05/new-zoom-flaws-could-let-attackers-hack.html
CISA has added 10 actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including flaws in dotCMS, CouchDB, WebRTC, iOS, macOS, and Delta Electronics' industrial automation #software.
Details: https://thehackernews.com/2022/08/cisa-adds-10-new-known-actively.html
U.S. cybersecurity agency CISA has issued a new order directing federal agencies to regularly track all assets and #software vulnerabilities on their networks.
Read: https://thehackernews.com/2022/10/cisa-orders-federal-agencies-to.html
This severe vulnerability affecting the Amazon ECR Public Gallery may have opened the repositories to potential "deep #software supply chain" attacks.
Read: https://thehackernews.com/2022/12/serious-attacks-could-have-been-staged.html
A new malvertising campaign has been discovered that targets people searching for popular #software. This campaign uses Google Ads to spread Trojanized variants that deploy malware, including Raccoon Stealer and Vidar.
Read: https://thehackernews.com/2022/12/new-malvertising-campaign-via-google.html