Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other sensitive data, officials with the ...

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application ...

WordPress Loginizer Plugin has issued a security patch for a vulnerability that could allow a hacker to modify a database through an Unauthenticated SQL Injection exploit. This kind of exploit, also ...

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...

Reports that the latest SQL injection exploit may have impacted hundreds of thousands of sites running IIS and SQL Server in recent days has put Microsoft, once again, on the defensive. Redmond's ...

The proof-of-concept exploit is easy to execute, and could foretell wider targeting of the Fortinet vulnerability by attackers. Security researchers have released technical details and a ...

As expected, cyberattackers have pounced on a critical remote code execution (RCE) vulnerability in the Fortinet Enterprise Management Server (EMS) that was patched last week, allowing them to execute ...

Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls. The flaws were found in Palo Alto ...

Krebs unsuccessfully attempted to bring the issue to the attention of The Pirate Bay staff, and could not get a statement from them about the vulnerability. In his effort to get some kind of response, ...

A lot of back and forth this week over an alleged new exploit in the wild that's affecting Adobe's Flash Player. Earlier this week, Symantec claimed there was a new exploit, but is now backing off ...