ExtraReplica: Microsoft patches cross-tenant bug in Azure PostgreSQL
Microsoft has patched a security weakness in Azure PostgreSQL which could have been exploited to execute malicious code. On Thursday, researchers from Wiz Research...
Microsoft has patched a security weakness in Azure PostgreSQL which could have been exploited to execute malicious code. On Thursday, researchers from Wiz Research...
A “logical flaw” has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass...
An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy...
The US Department of Homeland Security (DHS)’s first bug bounty with external researchers called “Hack DHS” helped discover 122 vulnerabilities. DHS announced the Hack...
A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to...
The “hotpatch” released by Amazon Web Services (AWS) in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing...
An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims’...
Details have emerged about a now-patched security vulnerability in the Snort intrusion detection and prevention system that could trigger a denial-of-service (DoS) condition and...
Microsoft has announced new “scenario-based” awards for its Dynamics and Power Platform Bounty Program and the Microsoft 365 Bounty Program. Microsoft says the scenario-based...
Cloud computing and virtualization technology firm VMWare on Thursday rolled out an update to resolve a critical security flaw in its Cloud Director product...