Vulnerabilities | News, how-tos, features, reviews, and videos
CISA released seven advisories for serious vulnerabilities in industrial control systems products from Schneider Electric, Rockwell Automation, B&R Industrial, and BD.
The use-after-free flaw allows privilege escalation in affected media applications running on Apple’s Core Media framework.
AI frameworks, including Meta’s Llama, are prone to automatic Python deserialization by pickle that could lead to remote code execution.
The bug affectq the management interfaces of SMA1000 Secure Mobile Access appliances, allowing the execution of arbitrary OS commands.
Security researchers have uncovered known firmware flaws in three Palo Alto enterprise firewall devices built on commodity hardware.
The flaw could allow remote attackers to shut down ClamAV scanning and compromise critical security workflows.
A researcher found an OpenAI development oversight that could allow attackers to launch DDoS attacks on unsuspecting businesses.
About 70% of organizations did not regularly patch flaws in their internet-facing systems, according to an S&P Global Ratings report.
The solution: Use IPsec and similar security protocols to protect against exploitation by threat actors.
Despite its size and complexity, FTC complained that the company had failed multiple security standards that needed to be fixed immediately.