VMware zero-day exploit code is now public for two critical vCenter Server vulnerabilities, driving urgent patching and tighter access controls. Tracked as CVE-2024-38812 and CVE-2024-38813, the bugs enable …
Latest in Application Security
- Cybersecurity News, Application Security
Critical jsPDF Vulnerability CVE-2024-21484 Exposes Applications To Security Risks
by Penelope Iroko, 3 minutes read
The jsPDF vulnerability tracked as CVE-2024-21484 has been patched, closing a critical flaw that exposed PDF generation workflows to attack. Project maintainers urged immediate upgrades. The weakness impacts …
- Cybersecurity News, Application Security
n8n RCE Vulnerability Reaches Maximum CVSS 10.0 Severity Score
by Penelope Iroko, 3 minutes read
The n8n RCE vulnerability received a maximum CVSS 10.0 rating, enabling authenticated remote code execution on both self-hosted and n8n Cloud instances. The vendor shipped a fix in …
- Application Security, Cybersecurity News
Chrome WebView Vulnerability Enables Hackers To Bypass Critical Security Restrictions
by CSC News, 3 minutes read
The Chrome WebView vulnerability prompted an emergency update from Google to block security policy bypass in embedded browsing contexts. The flaw is tracked as CVE-2026-0628. Google is delivering …
- Application Security, Cybersecurity News
Google Warns Hackers Exploiting React2Shell Vulnerability To Spread Malware
by Penelope Iroko, 3 minutes read
The React2Shell vulnerability is being actively exploited to seize control of internet-facing servers running React Server Components and some Next.js deployments, according to Google’s Threat Intelligence Group (GTIG). …
- Cybersecurity News, Application Security, Vulnerabilities & Exploits
Unpatched Gogs Zero-Day Vulnerability Exploited For Months In Wild Attacks
by CSC News, 3 minutes read
The Gogs zero-day vulnerability is being exploited in real-world attacks against internet-exposed self-hosted Git servers, and it remains unpatched. Security teams should restrict exposure, apply compensating controls, and …
- Cybersecurity News, Application Security
Equixly Raises $11M For Revolutionary AI API Penetration Testing Platform
by CSC News, 2 minutes read
AI API penetration testing is in the spotlight after Equixly raised $11 million to scale its automated platform for API security assessments. The report, the financing, cites strong …
- Cybersecurity News, Application Security
Google Chrome Fortifies Against Prompt Injection Attacks With AI Security
by CSC News, 3 minutes read
Prompt injection attacks are at the center of Google’s latest push to secure Chrome’s Agentic AI. The company is adding guardrails to detect and block malicious instructions embedded …
- Cybersecurity News, Application Security
React2Shell Exploitation Surges As Atlassian Confluence Vulnerabilities Under Attack
by CSC News, 3 minutes read
React2Shell exploitation is surging as attackers compromise unpatched Atlassian Confluence servers through high-impact flaws. Security teams report widespread in-the-wild activity. Intrusions typically end with webshell deployment, which enables …
- Cybersecurity News, Application Security
React Vulnerability Faces Active React2Shell Exploitation In The Wild
by CSC News, 3 minutes read
React vulnerability exploitation is accelerating as researchers warn that a new technique dubbed React2Shell lowers the bar for remote code execution against misconfigured apps. The campaign highlights insecure …