ZOHO Zero Day Vulnerability

Zoho has released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its Manage Engine AD Self-Service Plus. The vulnerability is already exploited in attacks in…
Microsoft Exchange New ProxyToken Headache

Microsoft Exchange New ProxyToken Headache

A critical vulnerability in Microsoft Exchange Server dubbed as ProxyToken could allow an unauthenticated attacker to access and steal emails from a target’s mailbox. Microsoft Exchange uses two websites.The front-end…
Razer Pops Up with Zero Day

Razer Pops Up with Zero Day

Razer is a very popular computer peripherals manufacturer known for its gaming mouses and keyboards. A Razer Synapse zero-day vulnerability allowing user to gain Windows admin privileges simply by plugging…
Trend micro Zeroday Exploited

Trend micro Zeroday Exploited

Trend Micro released security patches for multiple incorrect permission assignment privilege escalation, incorrect permission preservation authentication bypass, arbitrary file upload, and local privilege escalation vulnerabilities in Apex One and Apex…
Patch Tuesday August 2021

Patch Tuesday August 2021

Microsoft patched 44 CVEs in the August 2021 Patch Tuesday release, including seven CVEs rated as critical and 37 rated as important. This month’s update includes patches for: .NET Core…
Mobile platforms Should Obstructs Zeroday Hunts

Mobile platforms Should Obstructs Zeroday Hunts

Tait, an outspoken researcher who has held stints at Google’s Project Zero and the U.K.’s GCHQ intelligence agency, said mobile platforms must immediately start providing improved “on-device observability” to help…