Cyber Daily

Four vulnerabilities added to CISA’s ‘known exploited’ listing

Hackers are reportedly having a field day with vulnerabilities in Vite, Versa Concerto, Zimbra Collaboration Suite, and ...
CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not properly validated.
Threat Post

Joomla Re-Issues Security Update After Patches Glitch

A security update for the Joomla content management system was pulled and re-issued after problems with the first set of patches for a remote file inclusion and denial of service vulnerability were ...
Hosted on MSN

Zero-day in file-sharing software leads to RCE, and attacks are ongoing

Security research firm Huntress is warning all users of Gladinet's CentreStack and Triofox file-sharing tools to urgently apply an available mitigation, as a zero-day is being actively exploited and ...
Yahoo Finance

Critical vulnerability in SAP NetWeaver under threat of active exploitation

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Security researchers warn that hackers are ...
Bleeping Computer

600K WordPress sites impacted by critical plugin RCE vulnerability

Essential Addons for Elementor, a popular WordPress plugin used in over a million sites, has been found to have a critical remote code execution (RCE) vulnerability in version 5.0.4 and older. The ...