A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...

Critical remote code execution and database theft flaws highlight patching gaps and the hidden risk inside business ...

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...

The results of our soon-to-be-published Advanced Cloud Firewall (ACFW) test are hard to ignore. Some vendors are failing badly at the basics like SQL injection, command injection, Server-Side Request ...

There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old ...

Two vulnerabilities can be exploited to fully compromise instances of the Google Looker business intelligence platform.

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the ...

CISA warns that a fresh critical-severity SolarWinds vulnerability leading to unauthenticated RCE has been exploited in attacks.

Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks ...

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...