Hot Topics

arbitrary code execution

KDE Warns of Risks with Global Themes After Data Loss Incident

| | arbitrary code execution, Cybersecurity Weaknesses, Data loss, KDE, kde desktop environment, kde global themes, KDE Plasma, kde security, kde store, kde warnings, Linux & Open Source News, linux systems, Malicious code injection, plasma themes, security risks
KDE, the developer of the popular Plasma desktop environment for Linux, has issued a warning to users regarding the installation of global themes. While these themes allow for desktop customization, recent incidents ...
TuxCare

Recent Node.js Vulnerabilities Fixed in Ubuntu

| | arbitrary code execution, Extended Lifecycle Support, improper input handling, Linux & Open Source News, linux live patching, linux systems, node.js, Node.js developers, Node.js vulnerabilities, security patches, security vulnerabilites, Ubuntu 18.04 End of Life, ubuntu 18.04 security updates, Ubuntu 18.04 security vulnerabilities, Ubuntu 20.04, Ubuntu 22.04, Ubuntu Security Fixes, Ubuntu Security Updates
Several vulnerabilities within Node.js were identified, posing a significant threat to Ubuntu systems. These vulnerabilities could enable attackers to execute arbitrary code on compromised systems, potentially leading to severe consequences for affected ...
TuxCare
Follina Zero-Day Vulnerability Breakdown: Analysis and Remediation

Follina Zero-Day Vulnerability Breakdown: Analysis and Remediation

| | arbitrary code execution, Automation, Intelligent automation, Security Automation, threat detection, Vulnerabilities, zero-day
Background The newest Microsoft Office zero-day vulnerability, Follina, has been causing a buzz around much of the security community. The largest differences between it and most other Office vulnerabilities are that it ...
Blog | LogicHub®
Contrast Security

Attack Kit Hijacks DNS of Home and Business Routers

| | adobe, arbitrary code execution, CSRF attack, DNS hijacking, Exploit Kit, Novidade, router compromise, security update
For the past year, attackers have been using an exploit kit that changes the DNS settings of home and small-business routers through users’ browsers. The tool, dubbed Novidade, was first used in ...
Security Boulevard
HP Patches High-Risk Vulnerability in Business Printers

HP Patches High-Risk Vulnerability in Business Printers

| | arbitrary code execution, CVE-2017-2750, Data leak, firmware security, firmware update, GitHub repository, hard-coded credentials, HP, printer, printer security, signature validation, Uber, vulnerability
HP released security firmware updates this week for dozens of printers, including enterprise models, to fix a high-risk vulnerability that could allow attackers to compromise the devices. The vulnerability, tracked as CVE-2017-2750, ...