WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs.
A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways.
Citrix has finally started rolling out security patches for a critical vulnerability in ADC and Gateway software that attackers started exploiting in the wild earlier this month after the company announced the existence of the issue without releasing any permanent fix.
Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it.
This is the first security flaw in Windows OS that the NSA reported responsibly to Microsoft, unlike the Eternalblue SMB flaw that the agency kept secret for at least five years and then was leaked to the public by a mysterious group, which caused WannaCry menace in 2017.