Travis CI Flaw Exposes Secrets of Thousands of Open Source ProjectsThe Hacker News
Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks.
The issue — tracked as CVE-2021-41077 — concerns unauthorized access...
Da green pass a mascherine, al voto con le regole Covid
Ecco le indicazioni Viminale-Salute per elezioni settembre-ottobreRead MoreRSS di - ANSA.it
Third Critical Bug Affects Netgear Smart Switches — Details and PoC ReleasedThe Hacker News
New details have been revealed about a recently remediated critical vulnerability in Netgear smart switches that could be leveraged by an attacker to potentially execute malicious code and take control of vulnerable devices.
The flaw — dubbed "Seventh Inferno" (CVSS score:...
Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted AttacksThe Hacker News
Microsoft on Wednesday disclosed details of a targeting phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems.
"These attacks used the vulnerability, tracked as CVE-2021-40444, as...
You Can Now Sign-in to Your Microsoft Accounts Without a PasswordThe Hacker News
Microsoft on Wednesday announced a new passwordless mechanism that allows users to access their accounts without a password by using Microsoft Authenticator, Windows Hello, a security key, or a verification code sent via SMS or email.
The change is expected to...