Secure Planet Training Courses Updated For 2019 - Click Here

There are new available articles, click to refresh the page.

The Hacker News

WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability

By: Newsroom — December 8^th 2023 at 09:23

WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites. "A remote code execution vulnerability that is not directly exploitable in core; however, the security team feels that there is a potential for high severity when combined with some plugins,

Popular JWT cloud security library patches “remote” code execution hole

By: Paul Ducklin — January 10^th 2023 at 17:59

It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your server for compromise.