flaw

Update Zoom now to protect your Mac from this security flaw

by

[ad_1] BrightSpace / Shutterstock.com Older versions of Zoom could allow hackers to take over your macOS through a privilege escalation vulnerability. But the latest Zoom update (5.11.5) fixes this bug. If you use Zoom on your Mac, you should update the software now. This update comes just a week after Zoom disclosed its privilege escalation … Read more

Hackers exploit critical F5 BIG-IP flaw to launch backdoors

by

[ad_1] Threat actors have begun massively exploiting the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to launch malicious payloads. Last week, F5 released patches for the security issue (severity rating 9.8), which affects the BIG-IP iControl REST authentication component. The company warned that the vulnerability allows an unauthenticated … Read more

NPM flaw allows attackers to add anyone as a maintainer of malicious packages

by

[ad_1] A “logic flaw” in the npm registry allowed the authors of malicious packages to silently add anyone and any number of users as “maintainers” of their packages in an attempt to increase trust in their packages. The GitHub-owned repository of NodeJS components has now fixed the flaw after cloud-native security company Aqua responsibly reported … Read more

Hackers take advantage of critical VMware RCE flaw to install backdoors

by

[ad_1] Advanced hackers are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2022-22954, affecting VMware Workspace ONE Access (formerly called VMware Identity Manager). The issue was fixed in a security update 20 days ago along with two more RCEs: CVE-2022-22957 and CVE-2022-22958 also affecting VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud … Read more