Servers made by Quanta Cloud Technology (QCT) are affected by the baseboard management controller (BMC) vulnerability known as CVE-2019-6260 and “Pantsdown.”
Critical Vulnerabilities Found in Open Automation Software Platform
Cisco’s Talos research and threat intelligence unit revealed on Wednesday that one of its employees discovered several critical and high-severity vulnerabilities in the Open Automation Software Platform.
Tidelift Raises $27 Million to Tackle Open Source Supply Chain Security
WhiteSource Becomes Mend, Adds Automatic Code Remediation
Chrome 102 Patches 32 Vulnerabilities
Google on Tuesday announced the stable channel release of Chrome 102, which patches 32 vulnerabilities, including a critical flaw reported by an anonymous researcher.
Google Discloses Details of Zoom Zero-Click Remote Code Execution Exploit
Google’s Project Zero has disclosed the details of a zero-click remote code execution exploit targeting the Zoom video conferencing software.
Trend Micro Patches Vulnerability Exploited by Chinese Cyberspies
Cybersecurity company Trend Micro has updated one of its products to patch a vulnerability that has been exploited by a threat actor linked to China.
Semperis Banks $200 Million to Scale Enterprise ID Protection Tech
Enterprise identity protection vendor Semperis has banked $200 million in a new round of funding that values the company north of $1 billion.
Hackers Can ‘Pre-Hijack’ Online Accounts Before They Are Created by Users
Threat actors could gain access to users’ online accounts by leveraging a new type of technique that involves pre-hijacking an account before it’s actually registered by the victim.
“Account pre-hijacking” is a new class of attacks that can be used to gain access to a targeted account, and many online services could be vulnerable.
Cybersecurity Community Warned of Fake PoC Exploits Delivering Malware
Researchers have spotted fake proof-of-concept (PoC) exploits that appear to have been created by threat actors in an effort to deliver malware to members of the cybersecurity community.