Bleeping Computer

Ivanti warns of maximum severity CSA auth bypass vulnerability

Today, Ivanti warned customers about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. The security flaw (tracked as CVE-2024-11639 and ...

Hackers exploit critical auth bypass flaw in JobMonster WordPress theme

Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator ...
ZDNet

Sandbox bypass in Android Google Admin console revealed

A security flaw allows third-party applications to bypass sandbox restrictions in the Google Admin console has been disclosed. Posted on Full Disclosure on Friday, Rob Miller, senior security ...
Threat Post

Zero Day in Android’s Google Admin App Can Bypass Sandbox

The Android security team at Google is having a busy month. First the Stagefright vulnerabilities surfaced last month just before Black Hat and now researchers at MWR Labs have released information on ...
CSOonline

Some Brother printers have a remote code execution vulnerability, and they can’t fix it

An authentication bypass vulnerability in the printers, hardcoded at the factory, can be chained with another flaw for remote code execution on affected devices. Brother Industries is grappling with a ...
Threat Post

Latest Windows UAC Bypass Permits Code Execution

Researcher Matt Nelson disclosed another Windows UAC bypass, one that makes use of Event Viewer to hijack registry entries and run code. Less than a month after disclosing a Windows User Account ...