Items tagged with exploit

Microsoft Systems administrators everywhere, it looks like you get a Patch Monday as a side dish to the usual Patch Tuesday this week. There's a full remote code vulnerability (RCE) exploit for SharePoint running around, letting any... Read more...
Drop everything—there's a new hardware security vulnerability in Intel's processors! Or don't, really, because this vulnerability is only rated at a "medium" severity by Intel itself, and it's even arguably a good thing for the company... Read more...
In the last couple of years, the ever-popular KeePass password manager has come up in a number of articles, such as when it was recently found that passwords could be stolen through the export functionality. Now, KeePass is back in the... Read more...
No April Fools here; only April vulnerabilities abound with the popular WordPress addon Elementor, used by millions of websites worldwide. Adding insult to injury, threat actors are now exploiting this vulnerability to tweak settings and... Read more...
If you're not a Linux sysadmin, you might not be familiar with Control Web Panel, but if you are a Linux sysadmin, you almost certainly are at least aware of the app. Control Web Panel, or CWP, is a free Linux control panel for various web... Read more...
Server admins and security-heads take note: there's a new Windows zero-day that's like leaving the key in the lock. It just requires access to any standard user account, and provides administrative privileges with the execution of a single... Read more...
On the eve of its big iPhone 13 unveil, Apple was forced to issue a new software update for its iPhone, iPad, and Mac product lines. As a result, iOS 14.8 and iPadOS 14.8 are now available for the iPhone and iPad, respectively, while Apple... Read more...
Earlier in July, the PrintNightmare vulnerability was discovered, wherein a threat actor could exploit the vulnerability to gain system-level access to a device. This was only speculation at first, but that has now changed, as... Read more...
Hackers and threat actors are constantly searching for new ways to breach systems for cybersecurity research or exploitation, respectively. Thankfully, French researcher Gilles Lionel got to an NTLM Relay Attack, dubbed PetitPotam, first... Read more...
Yesterday, we reported that CD Projekt Red sent out a warning that was effectively against "downloading mods", but it appears that we did not have the full story from the developers of Cyberpunk 2077. According to users on the CD Projekt... Read more...
In May of this year, Apple patched a silent but deadly exploit that went after iPhones using specially crafted wireless payloads. This exploit is a simple memory corruption attack that allows any malicious person to do whatever they want... Read more...
Attackers with physical access to a device can generally do the most damage to a machine. This remains true with CVE-2020-8705, where an attacker with physical access can gain control of the system firmware while the device resumes from a... Read more...
TCL Android TVs have been crowding retail stores since their initial launch earlier this year. The Chinese-manufactured TVs have been a “budget-option” that works well enough for most and is a steal compared to the competition. When you... Read more...
Get ready to patch your Windows systems as a new bug has been discovered that can lead to the dreaded Blue Screen of Death. This bug, labeled the “Bad Neighbor” exploit (CVE-2020-16898), enables an attacker who crafts an IPv6 packet to... Read more...
Earlier in the week, we reported on a dangerous exploit with Windows domain controllers called Zerologon. Now, the Cybersecurity and Infrastructure Security Agency (CISA), under the Department of Homeland Security direction, is issuing... Read more...
If any of you out there are running the Firefox browser app for Android, please update immediately. Versions below Firefox version 79 on mobile are vulnerable to exploitation of Android intent URIs. This attack uses SSDP payloads to... Read more...
Secura digital security advisors and researchers, have discovered a highly critical vulnerability with Active Directory domain controllers. Rated as a 10 of 10 on the Common Vulnerability Scoring System (CVSS), this exploit, dubbed... Read more...
A new security vulnerability has now been detailed that exposes portions of your device’s Wi-Fi traffic to nefarious individuals. The Kr00k vulnerability was disclosed today by ESET researchers presenting at the RSA Security... Read more...
It seems as though we can't escape a single week without hearing about a new widespread security exploit that puts us all at risk. This week, the newly detailed attack taking center stage is called Simjacker, and it was revealed by the... Read more...
In the web browser world, Google Chrome is tops and is offered on multiple platforms including Windows 10, macOS, Linus, iOS and Android. however, web developer named Jim Fisher has found an exploit that nefarious developers can use to... Read more...
Most of the security vulnerabilities we write about at HotHardware fortunately won't affect the vast majority of readers. Either these exploits require user interaction to kick-start, or you have to be of particular interest as a target... Read more...
It appears that T-Mobile has only recently squashed a rather serious bug that affected one of the company's subdomains used by staff. In this case, promotool.t-mobile.com was not password protected, allowing anyone that stumbled across it... Read more...
1 2 3 4 Next