Vulnerability Management

The vulnerabilities affect GeForce, RTX, Quadro, Tesla, and NVS product lines, as well as vGPU and Cloud Gaming software.

The vulnerability, CVE-2024-12802, allows threat actors to bypass MFA on SonicWall Gen6 SSL-VPN appliances by using a specific user principal name (UPN) login format.

The rapid growth of AI has created an explosion of APIs that will require new techniques to manage.

The vulnerability affects the Python API server logic within the PyPI package, which sees nearly 14 million monthly downloads.

While the specific type of vulnerability has not been disclosed, the urgency of the advisory suggests a serious flaw with a potentially short window between patch release and active exploitation.

The failures occur in environments with strict network limitations, including air-gapped systems and heavily firewalled networks.

My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, GitHub, Aaran Leyland, and More on the Security Weekly News.

Critical flaw in Universal Robots cobots could let attackers hijack production systems remotely.