-
Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells
Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama.
- June 06, 2024
- 05:26 PM
0
-
Zyxel issues emergency RCE patch for end-of-life NAS devices
Zyxel Networks has released an emergency security update to address three critical vulnerabilities impacting older NAS devices that have reached end-of-life.
- June 04, 2024
- 01:28 PM
0
-
Cox fixed an API auth bypass exposing millions of modems to attacks
Cox Communications has fixed an authorization bypass vulnerability that enabled remote attackers to abuse exposed backend APIs to reset millions of modems' settings and steal customers' sensitive personal information.
- June 03, 2024
- 05:10 PM
- 0
-
Azure Service Tags tagged as security risk, Microsoft disagrees
Security researchers at Tenable discovered what they describe as a high-severity vulnerability in Azure Service Tags that could allow attackers to access customers' private data.
- June 03, 2024
- 02:55 PM
- 0
-
Exploit for critical Progress Telerik auth bypass released, patch now
Researchers have published a proof-of-concept (PoC) exploit script demonstrating a chained remote code execution (RCE) vulnerability on Progress Telerik Report Servers.
- June 03, 2024
- 01:58 PM
- 0
-
CISA warns of actively exploited Linux privilege elevation flaw
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added two vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog, including a Linux kernel privilege elevation flaw.
- May 31, 2024
- 03:30 PM
- 0
-
Check Point releases emergency fix for VPN zero-day exploited in attacks
Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks.
- May 29, 2024
- 09:31 AM
- 0
-
TP-Link fixes critical RCE bug in popular C5400X gaming router
The TP-Link Archer C5400X gaming router is vulnerable to security flaws that could enable an unauthenticated, remote attacker to execute commands on the device.
- May 27, 2024
- 03:11 PM
- 2
-
GitHub warns of SAML auth bypass flaw in Enterprise Server
GitHub has fixed a maximum severity (CVSS v4 score: 10.0) authentication bypass vulnerability tracked as CVE-2024-4985, which impacts GitHub Enterprise Server (GHES) instances using SAML single sign-on (SSO) authentication.
- May 21, 2024
- 11:01 AM
- 0
-
QNAP QTS zero-day in Share feature gets public RCE exploit
An extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed.
- May 20, 2024
- 10:57 AM
- 0
-
CISA warns of hackers exploiting Chrome, EoL D-Link bugs
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers.
- May 19, 2024
- 10:17 AM
- 0
-
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.
- May 14, 2024
- 06:10 PM
- 0
-
Windows 10 KB5037768 update released with new features and 20 fixes
Microsoft has released the KB5037768 cumulative update for Windows 10 21H2 and Windows 10 22H2 with twenty changes, including account notifications in the Start Menu and Widgets on the lock screen.
- May 14, 2024
- 01:59 PM
- 6
-
Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days.
- May 14, 2024
- 01:49 PM
- 3
-
Google Chrome emergency update fixes 6th zero-day exploited in 2024
Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks.
- May 14, 2024
- 04:10 AM
- 0
-
Google fixes fifth Chrome zero-day exploited in attacks this year
Google has released a security update for the Chrome browser to fix the fifth zero-day vulnerability exploited in the wild since the start of the year.
- May 10, 2024
- 04:08 AM
- 1
-
Widely used modems in industrial IoT devices open to SMS attack
Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS.
- May 10, 2024
- 04:00 AM
- 0
-
Citrix warns admins to manually mitigate PuTTY SSH client bug
Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key.
- May 09, 2024
- 03:27 PM
- 0
-
Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw
Nearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw.
- May 07, 2024
- 01:07 PM
- 0
-
CISA urges software devs to weed out path traversal vulnerabilities
CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping.
- May 02, 2024
- 03:38 PM
- 0
0
-
Remove the Theonlinesearch.com Search Redirect
Filed Under: Adware -
Remove the Smartwebfinder.com Search Redirect
Filed Under: Adware -
How to remove the PBlock+ adware browser extension
Filed Under: Adware -
Remove the Toksearches.xyz Search Redirect
Filed Under: Adware -
Remove the Smashapps.net Search Redirect
Filed Under: Adware
-
Version: 5.1.5.1165M+ Downloads
-
Version: 1.33.07554,224 Downloads
-
Version: 0.8141,953 Downloads
-
Version: NA103,249 Downloads
-
Version: NA150,238 Downloads
