Critical RCE Bug in Cisco WebEx Browser Extensions Faces ‘Ongoing Exploitation’

Users of the conferencing platform should update immediately.

Undocumented Intel VISA Tech Can Be Abused, Researchers Allege

Researchers at Black Hat Asia said that Intel VISA, an undocumented testing tool, can be abused using previously-disclosed vulnerabilities.

Zero-Day Bug Lays Open TP-Link Smart Home Router

An exploit would allow an attacker to establish a persistent backdoor for ongoing remote access.

Magento Patches Critical SQL Injection and RCE Vulnerabilities

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

Gamers Urged to Patch Critical Bugs in GOG Galaxy

Video game digital distribution platform GOG Galaxy Games has patched two critical privilege escalation flaws that could allow arbitrary code execution.

Cisco Releases Security Update for Cisco IOS XE

Original release date: March 28, 2019 Cisco has released a security update to address a vulnerability in Cisco IOS XE. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.

Cybercriminals Have a Heyday with WinRAR Bug in Fresh Campaigns

With new attacks on the Israeli military and social-work educators, exploitation of the 19-year-old flaw shows no signs of slowing down.

Gamers Beware: Nvidia Fixes High-Severity GeForce Experience Bug

Versions of GeForce Experience for Windows before 3.18 are open to a bug that can allow denial of service and remote code execution.

Cisco Releases Flood of Patches for IOS XE, But Leaves Some Routers Open to Attack

The networking giant issued 27 patches impacting a wide range of its products running the ISO XE software.

Ransomware Behind Norsk Hydro Attack Takes On Wiper-Like Capabilities

Researchers are still looking for answers when it comes to LockerGoga’s initial infection method – and what the attackers behind the ransomware really want.