OpenBSD is a free and open-source Unix-like operating system based on the Berkeley Software Distribution (BSD). It is widely regarded as one of the most secure operating systems available due to many of its security features. Security researchers at Qualys Research Labs have discovered four high-severity security vulnerabilities in OpenBSD, which include one authentication bypass […]

Read More →

iTerm2 is one of the most popular macOS terminal emulator and is a default choice for developers and administrators due to its extensive features like windows transparency, full-screen mode, notifications, integration with tmux etc. A critical remote code execution vulnerability has been discovered in iTerm2 by Radically Open Security, as part of an independent security […]

Read More →

A critical remote code execution (RCE) vulnerability affecting one of the widely used internet forum software vBulletin has been publicly disclosed. The vulnerability is identified with CVE-2019-16759 and allows an attacker to execute any command on the website like uploading malware, uploading shells or tampering with the website’s code. This vulnerability is believed to be […]

Read More →

Squid is an open-source web caching and Internet proxy application which is widely used for speeding up the webserver and aiding in its security. A heap buffer overflow vulnerability has been discovered in some versions of the Squid web proxy cache servers. This vulnerability is tracked as CVE-2019-12527 and could be exploited by attackers to […]

Read More →

ProFTPd is an open-source, cross-platform FTP server and is one among the most popular FTP servers used in Unix-like environments. It comes pre-installed with many Linux and Unix distributions and is used by a number of popular businesses and websites including SourceForge, Samba and Slackware. An improper access control vulnerability has been discovered in ProFTPD, […]

Read More →

A campaign targeting government organizations in Central Asia was discovered delivering a backdoor named HAWKBALL. This backdoor can collect information from the victim’s system and it can also deliver various payloads. It offers an attacker a range of malicious capabilities including examining the host, executing native Windows commands, terminating processes, creating, deleting files, uploading files, […]

Read More →