The Apache Log4j vulnerability is a critical zero-day code execution vulnerability. On December 9, 2021, the Internet was set on fire when an exploit was posted publicly for Apache Log4j, a well-known logging utility in the Java programming language.
An unpatched vulnerability tracked as CVE-2022-30190 (aka Follina) in the remote Word template feature enables adversaries to execute malicious code on targeted systems running Microsoft Office.
The Apache Log4j vulnerability CVE-2021-44228 is a critical zero-day code execution vulnerability with a CVSS base score of 10. This weakness poses a significant risk to many applications and cloud services, and it needs to be patched right away!
In this blog, CSW experts analyzed CISA's Known Exploited Vulnerabilities (KEV) list for latencies in publishing, exploiting, and patching to understand how fast attackers are weaponizing them for attacks.
Securin discovered and reported a Stored Cross-Site Scripting vulnerability in the WordPress Post Duplicator plugin that allows an authenticated attacker to inject a JavaScript payload into a trusted URL.
An APT group is using CVE-2021-44077 and CVE-2021-44515 in Zoho ManageEngine ServiceDesk Plus and Desktop Central Servers to compromise businesses in a range of industries, including military and technology.
On September 1, 2021, CSW researchers discovered a Cross-Site Scripting (XSS) zero-day vulnerability in Zoho CRM Lead Magnet Version 1.7.2.4. Read on to find out more about the vulnerability.
The US defense industrial base sector and many organizations from critical industries were recently affected by an unpatched critical remote code execution flaw in the SolarWinds Serv-U FTP server software that was exploited by a new Chinese threat group.