Searchenginejournal.com

WordPress Translation Plugin Vulnerability Affects +1 Million Sites

A critical vulnerability was discovered in the WPML WordPress plugin, affecting over a million installations. The vulnerability allows an authenticated attacker to perform remote code execution, ...
WeLiveSecurity

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...

Patch now! Attackers are targeting HPE OneView and PowerPoint

Attackers are exploiting a malicious code vulnerability in HPE OneView. PowerPoint is exclusively attacked on macOS.
Bleeping Computer

Critical Kubernetes Image Builder flaw gives SSH root access to VMs

A critical vulnerability in Kubernetes could allow unauthorized SSH access to a virtual machine running an image created with the Kubernetes Image Builder project. Kubernetes is an open-source ...
Searchenginejournal.com

Inspiro WordPress Theme Vulnerability Affects Over 70,000 Sites

A vulnerability advisory was published for the Inspiro WordPress theme by WPZoom. The vulnerability arises due to a missing or incorrect security validation that enables an unauthenticated attacker to ...
CSOonline

Critical vulnerability affects latest VLC media player version

Versions 2.0.5 and earlier of the popular VLC media player software contain a critical vulnerability that can be potentially exploited by attackers to execute malicious code on computers. The ...
Windows Central

"Hundreds of consumer and enterprise-grade devices from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable" Binarly warns about LogoFAIL

Cybersecurity researchers Binarly discovered a vulnerability named LogoFAIL. They recently released their findings at BlackHat Europe. LogoFAIL takes advantage of vulnerabilities in the UEFI reference ...