SecurityWeek

Organizations Warned of Exploited Zimbra Collaboration Vulnerability

CISA has expanded the KEV list with exploited vulnerabilities in Zimbra, eslint-config-prettier, Versa Concerto, and Vite ...

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities ...
CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not properly validated.
Cyber Daily

Four vulnerabilities added to CISA’s ‘known exploited’ listing

Hackers are reportedly having a field day with vulnerabilities in Vite, Versa Concerto, Zimbra Collaboration Suite, and ...
Searchenginejournal.com

WordPress Vulnerability in Essential Addons for Elementor

According to the U.S. Government NIST website, vulnerabilities on the Essential Addons for Elementor plugin made it possible for an attacker to launch a a Local File Inclusion attack, which is an ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by ...
Infosecurity-magazine.com

High-Severity Vulnerability Discovered in Popular CMS

A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites worldwide to manage and customize their content and ...
Techzine Europe

Cloudflare vulnerability made every host accessible

A critical vulnerability in Cloudflare's Web Application Firewall (WAF) gave attackers easy access to otherwise protected ...