Critical RCE flaw in Apache Tomcat actively exploited in attacks
Critical ignoring as a core competence for digital citizens (2022)

[Submitted on 30 Aug 2023] Download PDF Abstract: What3Words is a geocoding application that uses triples of words instead of alphanumeric coordinates to identify locations. What3Words has grown rapidly in popularity over the past few ye

June 1, 2023 On May 31, 2023, Progress Software released a security bulletin concerning a critical vulnerability within MOVEit Transfer, a widely used secure file transfer system. According to Shodan, over 2500 servers running this software are on the Internet. TrustedSec has performed analysis on the vulnerability and post-exploitation activities. At the time of publication

CVE-2023-2868 — Attackers then went on to steal data from infected systems. Dan Goodin – May 30, 2023 11:58 pm UTC A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The vulnerability has been used to install multiple pieces

Something went wrong, but don’t fret — let’s g

A security researcher recently disclosed several vulnerabilities in Nexx smart devices that could allow an attacker to control garage doors, disable home alarms, and access sensitive information. The five security issues range in severity from medium to critical, and the vendor has yet to acknowledge and fix them. The most significant vulnerability discovered is the