arbitrary code execution
KDE Warns of Risks with Global Themes After Data Loss Incident
KDE, the developer of the popular Plasma desktop environment for Linux, has issued a warning to users regarding the installation of global themes. While these themes allow for desktop customization, recent incidents ...
Recent Node.js Vulnerabilities Fixed in Ubuntu
Several vulnerabilities within Node.js were identified, posing a significant threat to Ubuntu systems. These vulnerabilities could enable attackers to execute arbitrary code on compromised systems, potentially leading to severe consequences for affected ...
Follina Zero-Day Vulnerability Breakdown: Analysis and Remediation
Background The newest Microsoft Office zero-day vulnerability, Follina, has been causing a buzz around much of the security community. The largest differences between it and most other Office vulnerabilities are that it ...
Attack Kit Hijacks DNS of Home and Business Routers
For the past year, attackers have been using an exploit kit that changes the DNS settings of home and small-business routers through users’ browsers. The tool, dubbed Novidade, was first used in ...
HP Patches High-Risk Vulnerability in Business Printers
HP released security firmware updates this week for dozens of printers, including enterprise models, to fix a high-risk vulnerability that could allow attackers to compromise the devices. The vulnerability, tracked as CVE-2017-2750, ...