security flaw Archives

ServiceNow Fixes Flaw That Could Lead to Unauthorized Access to Instances

Jeffrey Burt | June 11, 2026 | bug bounty programs, Cloud Security, reddit, security flaw, servicenow security, Unauthorized Access, vulnerability

ServiceNow this month fixed a flaw in its cloud platform that could have given attackers unauthorized access to user instances, but said that the "anomalous activity" related to the vulnerability likely was ...

Security Boulevard

vulnerabilities, root cause, Microsoft Storm-1152 fake accounts CaaS

RondoDox Botnet Operators Set React2Shell Flaw in Their Sights

Jeffrey Burt | January 6, 2026 | CloudSEK, IoT botnet, Mirai botnet, Next.js vulnerability, React2Shell Vulnerability, Rewterz, RondoDox botnet, security flaw

The operators behind the highly adaptable RondoDox botnet campaign that kicked off in late March have proven to be ready to embrace the latest attack trends. Most recently, in December they began ...

Security Boulevard

Threat Actors Exploiting Critical ‘MongoBleed’ MongoDB Flaw

Jeffrey Burt | December 29, 2025 | Aikido Security, Data breach, Microsoft SQL Server, MongoBleed, MongoDB hack, open source database, Oracle, OX Security, security flaw, Ubisoft, Vulnerability Exploitation, Wiz

A high-severity flaw in MongoDB instances could allow unauthenticated remote bad actors to leak sensitive data from MongoDB servers. Dubbed "MongoBleed," the security flaw is being exploited in the wild after a ...

Security Boulevard

The Tea App Hack: How a “Safe” Space Leaked 13,000 ID Photos & 1.1M Messages

In this episode we’re discussing the alarming breach of the Tea app, a platform intended for women to share dating experiences. The hack resulted in the exposure of over 13,000 government ID ...

Shared Security Podcast

NIST CSF vulnerabilities ransomware backlog

NIST Deprioritizes Pre-2018 CVEs as Backlog Struggles Continue

Jeffrey Burt | April 9, 2025 | app vulnerabilities, NIST, NIST CVE Backlog, security flaw

NIST, which for more than a year has been struggling to address a backlog of CVEs in its database following budget cuts, is now putting pre-2018 vulnerabilities on the back burner to ...

Security Boulevard

HTTP/2 Vulnerability: Protect Web Servers from DoS Attacks

Wajahat Raja | April 17, 2024 | CERT Coordination Center (CERT/CC), CVE (Common Vulnerabilities and Exposures), Cybersecurity, Cybersecurity News, Denial-of-Service (DoS), HTTP/2, Network Protocol, patch management, Performance Degradation, security flaw, Server Performance, Service Disruption, software update, vulnerability, Vulnerability Exploitation, Web security, Web Server Security

In the digital landscape, security is paramount, especially for web servers handling vast amounts of data. As per recent reports, a vulnerability has emerged within the HTTP/2 protocol, shedding light on potential ...

TuxCare

LayerSlider Plugin Flaw Exposes 1M Sites To SQL Injections

Wajahat Raja | April 15, 2024 | CVE-2024-2879, Cybersecurity, Cybersecurity News, Data breach, exploitation, LayerSlider Plugin, patch management, security flaw, sql injection, threat actors, vulnerability, vulnerability assessment, Website Protection, Website Security, wordpress security

Recent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQL attacks and infections. If exploited, the flaw allows users ...

TuxCare

Cisco Vulnerability Fix: Protection From High-Risk Threats

Wajahat Raja | January 26, 2024 | Cisco Security Update, Cisco Vulnerability, CVE-2024-20272, CVSS score, Cybersecurity News, cybersecurity threats, FTC Cybersecurity Regulations, Network Security, security flaw, software patching, Unity Connection

In recent developments, Cisco has taken swift action to address a critical security flaw impacting Unity Connection, a vulnerability marked as CVE-2024-20272, with a concerning CVSS score of 7.3. This flaw could ...

TuxCare

DarkCasino WinRAR Exploit: A New APT Threat Emerges

Wajahat Raja | November 30, 2023 | Advanced persistent threat, APT Threat, Cryptocurrency Users, CVE-2023-38831, CVSS score, Cybersecurity, Cybersecurity News, DarkCasino, DarkCasino Malicious Activity, DarkMe Trojan, EvilNum, NSFOCUS, Online Financial Services, phishing campaign, security flaw, WinRAR Exploit

In a recent cybersecurity revelation, a formidable and highly sophisticated cyber threat has surfaced, going by the name DarkCasino. Initially perceived as a phishing campaign orchestrated by the EvilNum group, recent analyses ...

TuxCare

Kinsing Actors Target Cloud Environments Exploiting Looney Tunables

Rohan Timalsina | November 14, 2023 | cloud environments, Cloud Threats, Cyber Threats, Cybersecurity Weaknesses, enterprise security, KernelCare Enterprise, Kinsing malware, Linux & Open Source News, linux exploits, linux live patching, Looney Tunables, security flaw

Recently, there has been a concerning development in the world of cloud security. A group of threat actors linked to Kinsing is actively targeting cloud environments. They are doing this by taking ...

TuxCare

security flaw

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On