The flaw (CVE-2023-7028) stems from the fact that user account password reset emails can be delivered to unverified email addresses.
An unidentified APT group is actively exploiting the two recently disclosed Ivanti Pulse Secure and Connect Secure vulnerabilities (CVE-2023-46805 and CVE-2024-21887).
Cybercriminals are using a new Python-based hacking tool to target cloud and SaaS platforms and payment services such as AWS, Office365, PayPal and Twilio.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
Patches will be released starting Jan. 22, but until then Ivanti urges customers to apply mitigations.