Bug bounty platform HackerOne disclosed that a former employee improperly accessed security reports submitted to claim additional bounties The vulnerability coordination and bug bounty platform HackerOne disclosed that a... Read more »

The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing... Read more »

US Critical Infrastructure Security Agency (CISA) adds CVE-2022-26925 Windows LSA flaw to its Known Exploited Vulnerabilities Catalog. In May the US CISA removed the CVE-2022-26925 Windows LSA vulnerability from... Read more »

Jenkins security team disclosed tens of flaws affecting 29 plugins for the Jenkins automation server, most of them are yet to be patched. Jenkins is the most popular open-source automation... Read more »

Microsoft announced that the Windows worm Raspberry Robin has already infected the networks of hundreds of organizations. Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red... Read more »

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. The role of Social... Read more »

Google Project Zero states that in H1 2022 at least half of zero-day issues exploited in attacks were related to not properly fixed old flaws. Google Project Zero researcher... Read more »

This is a transcription of an interview I had at Iran International broadcaster, I discussed about the role of social media in modern society. What’s the Middle East government’s... Read more »

Researchers shared technical details and proof-of-concept exploit code for the CVE-2022-28219 flaw in Zoho ManageEngine ADAudit Plus tool. Security researchers from Horizon3.ai have published technical details and proof-of-concept exploit... Read more »