Zyxel Patches Critical Vulnerability in NAS Firmware
Networking solutions provider Zyxel has released patches for a critical-severity vulnerability impacting the firmware of multiple network attached storage (NAS) device models.
Academics Devise Open Source Tool For Hunting Node.js Security Flaws
A group of academic researchers have designed an open source Node.js bug hunting tool that has already identified 180 security vulnerabilities.
Atlassian Ships Urgent Patch for Critical Bitbucket Vulnerability
Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center product.
The vulnerability carries a CVSS severity score of 9.9 out of 10 and can be exploited remotely to launch code execution attacks, Atlassian said.
LastPass Says Source Code Stolen in Data Breach
Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information.
BalkanID Adds $2.3M to Seed Funding Round
BalkanID, a Texas startup building technology in the Identity Governance and Administration (IGA) space, has added $2.3 million to its seed financing round, bringing the total raised to $8.1 million.
Musk Lawyers Seize on Twitter Whistleblower Revelations
Elon Musk’s lawyers jumped Wednesday on the revelations of a Twitter whistleblower to try to force the platform to surrender vast amounts of information for their fight to cancel the billionaire’s buyout bid.
Old, Inconspicuous Vulnerabilities Commonly Targeted in OT Scanning Activity
Data collected by IBM shows that old and inconspicuous vulnerabilities affecting industrial products are commonly targeted in scanning activity seen by organizations that use operational technology (OT). SecurityWeek has talked to several experts to find out what this data means and determine the threat posed by these security holes.
Novant Health Says Malformed Tracking Pixel Exposed Health Data to Meta
Healthcare services provider Novant Health has sent notifications to more than 1.3 million individuals that their protected health information (PHI) might have been inadvertently exposed to Facebook parent company Meta.
Many Media Industry Vendors Slow to Patch Critical Vulnerabilities: Study
A cybersecurity analysis of hundreds of media industry vendors showed that many companies are slow to patch critical vulnerabilities, according to MDR and third-party risk management provider BlueVoyant.
