War-Driving Technique Allows Wi-Fi Password-Cracking at Scale
A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood.
War-driving – the process of driving around mapping residential Wi-Fi networks...
Google Patches Critical Android RCE Bug
Google’s June security bulletin addresses 90+ bugs in Android and Pixel devices.
Google patched more than 90 security vulnerabilities in its Android operating system impacting its Pixel devices and third-party...
WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites
The flaw could have let attackers send out custom newsletters and delete newsletter subscribers from 200,000 affected websites.
Developers of a plugin, used by WordPress websites for building pop-up ads...
100M IoT Devices Exposed By Zero-Day Bug
A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more.
A flaw in a widely used internet-of-things (IoT) infrastructure code left more than 100 million...
Taking a Neighborhood Watch Approach to Retail Cybersecurity
Bugcrowd CTO Casey Ellis covers new cybersecurity challenges for online retailers.
Every year retailers face a heightened level of risk during the online holiday shopping season. COVID-19 drastically shifted consumer...
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
Microsoft’s regularly scheduled March Patch Tuesday updates address 89 CVEs overall.
Microsoft has released its regularly scheduled March Patch Tuesday updates, which address 89 security vulnerabilities overall.
Included in the slew...
WordPress Plugin PageLayer leaves 200k sites vulnerable
Author: Sergiu Gatlan
Two high severity security vulnerabilities found in the PageLayer plugin can let attackers to potentially wipe the contents or take over WordPress sites using vulnerable plugin versions.
PageLayer is a WordPress...
Sudo Bug Gives Root Access to Mass Numbers of Linux Systems
Qualys said the vuln gives any local user root access to systems running the most popular version of Sudo.
A doozy of a bug that could allow any local user...
Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers
The popular continuous-delivery platform has a path-traversal bug (CVE-2022-24348) that could allow cyberattackers to hop from one application ecosystem to another.
A high-severity security vulnerability in Argo CD can enable...
‘PwnedPiper’: Devastating Bugs in >80% of Hospital Pneumatics
Podcast: Blood samples aren’t martinis. You can’t shake them. But bugs in pneumatic control systems could lead to that, RCE or ransomware.
Researchers have discovered nine vulnerabilities – collectively...