Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP (Voice over Internet Protocol) application and using it as a springboard plant malware on targeted systems. The critical remote code execution (RCE) flaw, tracked as CVE-2022-29499, was first report by Crowdstrike in April as a zero-day vulnerability and is now patched. Mitel is popularly […]
A critical flaw in the PlayStation Now cloud application could have let attackers inject malicious code on Windows-operating devices. The vulnerability was reported on May 13 by bug hunter Parsia Hakimian, and fixed on June 25 by the online gaming giant. The bug, residing in an insecure AGL application, affected PlayStation Now versions 11.0.2 and […]
The vulnerability, tracked as CVE-2020-13671, has been classified as critical, but it’s worth mentioning that Drupal uses the NIST Common Misuse Scoring System, which assigns vulnerabilities a score ranging between 0 and 25, with “critical” being only the second highest rating, after “highly critical.” An attacker who can upload files to a server can use […]
Latest Comments