Network World

Easy-to-exploit authentication bypass flaw puts Netgear routers at risk

For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it’s still not done. While Netgear has worked to fix the issue, the ...
Bleeping Computer

DoubleDoor Botnet Chains Exploits to Bypass Firewalls

Crooks are building a botnet that for the first time is bundling two exploits together in an attempt to bypass enterprise firewalls and infect devices. Discovered by researchers from NewSky Security, ...
Bleeping Computer

Exploit released for Microsoft SharePoint Server auth bypass flaw

Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation. Tracked as CVE-2023-29357, the ...
TechCrunch

Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

Security researchers say a pair of easy-to-exploit flaws in a popular remote-access tool used by more than a million companies around the world are now being mass exploited, with hackers abusing the ...
Dark Reading

Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs

Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a wide range of its products.
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...