Bleeping Computer

Four Years Later, We Have a New OWASP Top 10

The Open Web Application Security Project (OWASP) has published a new version of its infamous Top 10 vulnerability ranking, four years after its last update, in 2013. The OWASP Top 10 is not an ...
Threat Post

RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework

Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases. Versions of the popular developer tool Zend Framework and ...
Dark Reading

Netwrix Auditor Bug Could Lead to Active Directory Domain Compromise

Editor's note: Update at bottom of story. Netwrix IT asset tracker and compliance auditor, used across more than 11,500 organizations, contains a critical Insecure Object Deserialization vulnerability ...
Infosecurity-magazine.com

New Vulnerabilities Found in Adobe ColdFusion

Security researchers from Rapid7 have found active exploitation of multiple vulnerabilities in Adobe ColdFusion, a web development computing platform. On July 11, 2023, Adobe released patches for ...
Bleeping Computer

Microsoft fixes actively exploited Exchange zero-day bugs, patch now

Microsoft has released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day vulnerabilities actively exploited in targeted attacks. These four ...