βΌ CVE-2023-27889 βΌ
π Read
via "National Vulnerability Database".
Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22711 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Agent Evolution IMPress Listings plugin <=Γ 2.6.2 versions.π Read
via "National Vulnerability Database".
β Low-level motherboard security keys leaked in MSI breach, claim researchers β
π Read
via "Naked Security".
What can you do if someone steals your keys but you can't change the lock? We explain the dilemma in plain English.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π’ Capita cyber attack could cost firm up to $25 million in fees π’
π Read
via "ITPro".
Capitaβs costs in the wake of a cyber attack could exceed expectations, experts have warned π Read
via "ITPro".
ITPro
Capita cyber attack could cost firm up to $25 million in fees
Capitaβs costs in the wake of a cyber attack could exceed expectations, experts have warned
π’ How the channel can help secure the future of work π’
π Read
via "ITPro".
Hybrid work security issues pose challenges for businesses, but this is where the channel has an opportunity to step in and support partners π Read
via "ITPro".
channelpro
How the channel can help secure the future of work
Hybrid work security issues pose challenges for businesses, but this is where the channel has an opportunity to step in and support partners
β Bootkit zero-day fix β is this Microsoftβs most cautious patch ever? β
π Read
via "Naked Security".
When blocking buggy bootup modules, you have to be really careful not to lock your keys inside the car...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2022-47137 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPManageNinja LLC Ninja Tables plugin <=Γ 4.3.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-46861 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Zia Imtiaz Custom Login Page Styler for WordPress plugin <=Γ 6.2 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47600 βΌ
π Read
via "National Vulnerability Database".
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Mass Email To users plugin <=Γ 1.1.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47423 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <=Γ 4.4.5 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-27856 βΌ
π Read
via "National Vulnerability Database".
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Atlas Gondal Export All URLs plugin <=Γ 4.1 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47436 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MantraBrain Yatra plugin <=Γ 2.1.14 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-46819 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Continuous announcement scroller plugin <=Γ 13.0 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47606 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim Stephenson WP-CORS plugin <=Γ 0.2.1 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47441 βΌ
π Read
via "National Vulnerability Database".
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <=Γ 1.7.0.10 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-46817 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Flyzoo Flyzoo Chat plugin <=Γ 2.3.3 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47587 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cornel Raiu WP Search Analytics plugin <=Γ 1.4.5 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33961 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WaspThemes Visual CSS Style Editor plugin <=Γ 7.5.8 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47590 βΌ
π Read
via "National Vulnerability Database".
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fugu Maintenance Switch plugin <=Γ 1.5.2 versions.π Read
via "National Vulnerability Database".
π1
π’ US reveals bespoke tool that took down Russian malware operation π’
π Read
via "ITPro".
Snake had been used to steal NATO countriesβ data for 20 years π Read
via "ITPro".
ITPro
US reveals bespoke tool that took down Russian malware operation
Snake had been used to steal NATO countriesβ data for 20 years
π΄ New Startup SquareX Targets Brower-Based Attacks π΄
π Read
via "Dark Reading".
SquareX runs headless browsers in data centers on the user's behalf so that threats never reach the user's machine.π Read
via "Dark Reading".
Dark Reading
Startup SquareX Targets Browser-Based Attacks
SquareX runs headless browsers in data centers on the user's behalf so that threats never reach the user's machine.