🛑 Cybersecurity & Privacy 🛑 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🕴 The Silent Threat of APIs: What the New Data Reveals About Unknown Risk 🕴

The rapid growth of APIs creates a widening attack surface and increasing unknown cybersecurity risks.

📖 Read

via "Dark Reading".
🦿 This Complete Ethical Hacking Bundle is Less Than $50 🦿

Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today's top tools and tech. This bundle is just $45.99 now.

📖 Read

via "Tech Republic".
🦿 TechRepublic Premium Editorial Calendar: Policies, Checklists, Hiring Kits and Research for Download 🦿

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

📖 Read

via "Tech Republic".
‼ CVE-2023-44266 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jewel Theme WP Adminify plugin <= 3.1.6 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44145 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) plugin <= 2.1.7 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44264 ‼

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44144 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dreamfox Payment gateway per Product for WooCommerce plugin <= 3.2.7 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44239 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jobin Jose WWM Social Share On Image Hover plugin <= 2.2 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44245 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <= 4.0.0 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44265 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-3768 ‼

Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44230 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <= 7.1 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-5160 ‼

Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint, allowing a member to get the full name of another user even if the Show Full Name option was disabled.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44262 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Renzo Johnson Blocks plugin <= 1.6.41 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44242 ‼

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <= 1.3.54 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44228 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <= 8.1 versions.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-44263 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Riyaz Social Metrics plugin <= 2.2 versions.

📖 Read

via "National Vulnerability Database".
🕴 Making Sense of Today's Payment Cybersecurity Landscape 🕴

PCI DSS v4.0 is the future of the payment card industry's information security standard, but businesses must continue to look beyond this guidance and engage in proactive strategies of their own.

📖 Read

via "Dark Reading".
‼ CVE-2023-5106 ‼

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-41580 ‼

Phpipam before v1.5.2 was discovered to contain an LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request.

📖 Read

via "National Vulnerability Database".
🛠 TOR Virtual Network Tunneling Tool 0.4.8.7 🛠

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

📖 Read

via "Packet Storm Security".