security vulnerability
Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks
Aim Security researchers found a zero-click vulnerability in Microsoft 365 Copilot that could have been exploited to have AI tools like RAG and AI agents hand over sensitive corporate data to attackers ...
Ghostscript Vulnerability Actively Exploited in Attacks
A significant remote code execution (RCE) vulnerability was identified in the Ghostscript library, a widely used tool on Linux systems. This vulnerability, tracked as CVE-2024-29510, is currently being exploited in attacks, posing ...
Workstations At Risk: Unveiling the RCE Bug
Recently, the world was made aware of a major vulnerability lurking within Windows Themes, tagged as CVE-2023-38146. This vulnerability, called ‘ThemeBleed,’ has a high severity rating of 8.8 and has sparked worry ...
Apache OpenMeetings Network Security Vulnerabilities
Apache OpenMeetings is an open-source application. Users employ it for web conferencing, presentations, and other collaborative work. However, researchers have identified several network security vulnerabilities that malicious actors might exploit. These vulnerabilities ...
Vulnerability Disclosures Rise to Meet Federal Requirements
For all its other security milestones, 2021 was the year that vulnerability disclosures began to get their due, taking on greater importance across all sectors, but particularly in government where valid submissions ...
A Security Vulnerability Management Guide
Living in a container-native world is not easy. Containers have a reputation for being a point of entry for security vulnerabilities for many organizations. In 2015, according to a research paper, over ...
Drupal Core: Behind the Vulnerability
Earlier this year, the Checkmarx Security Research Team conducted an investigation of the new version of Drupal Core (Drupal 9) – a content management system (CMS) written in PHP – uncovering several ...
IBM Launches Security Assessment Service Focused on Business Risk
IBM Security this week launched a service through which it will work with IT security professionals to assess the business risks cybersecurity vulnerabilities represent. Julian Meyrick, vice president for IBM Security, said ...
Millions of Dell PCs vulnerable to attack, due to a flaw in bundled system-health software
Millions of Dell PCs and laptops running Windows are vulnerable to attack via a high severity security hole, that could be exploited by malicious hackers to hijack control over devices. In a ...
Update your iOS devices now against the FaceTime eavesdropping bug
Last week a bug became such big news that it broke out of the technology press, and into the mainstream media – generating headlines around the globe. The reason? A bizarre bug ...
