Infosecurity Magazine

Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product

Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud ...
Macworld

Safari exploit can make scripts run

Security firm Secunia on Tuesday documented a possible exploit in Apple’s Safari Web browser that the company describes as “extremely critical.” Secunia calls the exploit Mac OS X “__MACOSX” ZIP ...
Bleeping Computer

Exploit for critical Progress Telerik auth bypass released, patch now

Researchers have published a proof-of-concept (PoC) exploit script demonstrating a chained remote code execution (RCE) vulnerability on Progress Telerik Report Servers. The Telerik Report Server is an ...
Bleeping Computer

WinRAR SFX archives can run PowerShell without being detected

Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without triggering the security agent on the target ...
Neowin

Linux/Unix exploit allows some restricted commands to be run as root without clearance

The 'sudo' keyword in Unix and Linux allows users to execute certain commands with special-access privileges that cannot otherwise run on a given machine by a user with a lower level of clearance.
Ars Technica

High-severity vulnerability in vBulletin is being actively exploited

Attackers are mass-exploiting an anonymously disclosed vulnerability that makes it possible to take control of servers running vBulletin, one of the Internet’s most popular applications for website ...