Cisco fixes bugs in IOS XR Software
Cisco has released security patches to address a medium-severity vulnerability affecting IOS XR Software, tracked as CVE-2022-20821 with a CVSS score: 6.5, that threat actors are actively exploiting in attacks…
Canada bans Huawei and ZTE
The Canadian government has banned the use of Huawei and ZTE tech in its 5G networks, as part of a new telecommunications security framework. Canada has already excluded the two…
Critical Issues patched in Strapi – could lead to a data breach
Researchers uncovered two critical vulnerabilities in JSON that can expose data in the open-source Node.js headless content management system Strapi. Strapi is a popular open-source headless CMS software with built-in…
Kubernetes instances exposed in open internet
Shadowserver Foundation has scanned internet for Kubernetes API servers and found roughly 380,000 that allow some form of access. ShadowServer is conducting daily scans of the IPv4 space on ports…
Discord NFT Targeted Maliciously
Hackers have targeted Discord groups in an attempt to get users to click on malicious links. NFTs are assets built on blockchain technology to represent artwork, videogames and other digital…
Patch Known Exploits Fast Rather Than Going Behind Zero Days
Enterprise IT security strategies should align by patching their systems for known vulnerabilities, rather than chasing a fix for every zero-day that emerges – a research study on APT revealed.…
WordPress Jupiter Plugin bug could lead to Privilege Escalation
WordPress security analysts have discovered a set of vulnerabilities impacting the Jupiter Theme and JupiterX Core plugins for WordPress, one of which is a critical privilege escalation flaw. Jupiter is…
Threat Actors evade and target Sql servers
Microsoft Security Intelligence comes with a warning about an attack campaign targeting SQL servers and using a new approach to evade PowerShell monitoring. Threat actors are using sqlps.exe, a utility…