The Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet critical flaw to its known exploited vulnerabilities catalog. CISA on Tuesday added the flaw to the KEV catalog, a day ...

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...

Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild. The security flaw (CVE-2022-40684) is an auth bypass on the ...

The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit. A pair of bugs in the Kubernetes open-source cloud container software can be “highly dangerous” under ...

Fortinet has warned administrators to update FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) on-premise management platforms to the latest versions, which address a ...

Attackers are actively exploiting an authentication bypass flaw found in the Palo Alto Networks PAN-OS software that lets an unauthenticated attacker bypass authentication of that interface and invoke ...

Update, Dec. 14, 2024: This story, originally published Dec. 13 now includes a statement from Microsoft about the 2FA bypass vulnerability and the impact it has observed on users. Security researchers ...

Companies relying on Microsoft BitLocker to encrypt the drives of their employees’ computers should install the latest Windows patches immediately. A researcher disclosed a trivial Windows ...

Yubico is most likely the first name that comes to mind when you think about two-factor authentication hardware keys and other secure authentication solutions. And for good reason: it has been leading ...

The software used by many wireless IP cameras manufactured by Foscam Digital Technologies have a vulnerability that allows remote users to access their video streams and take snapshots without proper ...