Widely used WordPress plugin Ally, which focuses on website usability and accessibility, has been impacted by a high-severity security vulnerability, which could be harnessed to compromise sensitive information without authentication, reports BleepingComputer.
Updates have been issued by Microsoft to address 83 vulnerabilities across its products, including a critical remote code execution vulnerability and two publicly disclosed flaws, as part of this month's Patch Tuesday, SecurityWeek reports.
CyberScoop reports that widely used Java security library pac4j was noted by CodeAnt AI co-founder and CEO Amartya Jha to be impacted by a maximum severity flaw, which could be weaponized by anyone with basic knowledge of JSON Web Tokens.
The Cybersecurity and Infrastructure Security Agency has set shortened deadlines for remediating a trio of security flaws following active exploitation by state-backed threat actors and other cybercrime groups, reports The Record, a news site by cybersecurity firm Recorded Future.
