Vulnerabilities & Exploits

A year after a potentially critical vulnerability (CVE-2018-1002100) was found and patched in the popular open-source container orchestration system and DevOps tool Kubernetes, researchers discovered that the vulnerability can still be exploited.

Popular open-source DevOps automation software StackStorm was reported to have a critical vulnerability that could allow remote attackers to perform arbitrary commands on targeted servers.

Security researchers uncovered vulnerabilities in third-party car alarms managed via their mobile applications, affecting around 3 million cars. Here's what you need to know.

We look at the most pervasive information stealers, ransomware, and cryptocurrency-mining malware in the Americas in 2018 and how they highlight the significance of proactive threat detection and incident response capabilities.

We looked back at 2018’s mobile threat landscape to see the possible threats that lie ahead and help users and organizations proactively defend against them.

CVE-2019-5736 is a vulnerability involving the runC runtime component, which is used for container platforms such as Docker and container orchestration platforms such as Kubernetes.

Looking back at the most significant issues of 2018, we saw shifting cybercriminal strategies and lingering security threats. Enterprises faced a multitude of challenges, but careful study of these issues can present opportunities for improvement.

Owners and administrators of WordPress websites that use the “Total Donations” plugin are advised to remove the plugin after a zero-day vulnerability and design flaws were seen actively exploited in the wild.

Radio frequency (RF) technology is being used in operations to control various industrial machines. However, the lack of implemented security in RF communication protocols could lead to production sabotage, system control, and unauthorized access.