Patch/Configuration Management

Included in the leaked files were data for Cisco clients and other DevHub users, as well as certain CX Professional Services customers, who have already been informed about the breach.

According to the UK's FCA, third-party related issues were the leading cause of operational incidents reported between 2022 and 2023.

The “Phish ‘n’ Ships” threat operation has infected more than 1,000 websites and has possibly stolen tens of millions of dollars.

In a twist, more than 1 terabyte of data was stored in the S3 bucket of a previous victim.

QNAP's patches for the SQLi issue come just days after it addressed another zero-day impacting its HBS 3 Hybrid Backup Sync disaster recovery and data backup solution, which was discovered and leveraged by the Viettel Cyber Security team to compromise a TS-464 network-attached storage device during the competition.

ACROS Security has released free unofficial fixes for a zero-day flaw in Windows Themes, which could be leveraged to facilitate the remote compromise of NTLM credentials on devices running on Windows 7 to Windows 11 24H2.

The discoveries included three critical security vulnerabilities and 18 high-severity flaws.