You might be interested in …

[BleepingComputer] You can post LinkedIn jobs as ANY employer — so can attackers

Anyone can create a job listing on the leading recruitment platform LinkedIn on behalf of any employer—no verification needed. Now, that might be nothing new, the feature and lax verification on career websites pave the ways for attackers to post bogus listings for malicious purposes. […] Source: Read More (BleepingComputer)

Read More

[BleepingComputer] Cisco fixes 6-month-old AnyConnect VPN zero-day with exploit code

Cisco has fixed a six-month-old zero-day vulnerability found in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. […] Source: Read More (BleepingComputer)

Read More

[HackerNews] Hackers Exploiting New Auth Bypass Bug Affecting Millions of Arcadyan Routers

All posts, HackerNews

Unidentified threat actors are actively exploiting a critical authentication bypass vulnerability to hijack home routers as part of an effort to co-opt them to a Mirai-variant botnet used for carrying out DDoS attacks, merely two days after its public disclosure. Tracked as CVE-2021-20090 (CVSS score: 9.9), the weakness concerns a path traversal vulnerability in the web interfaces of routers Source: Read More […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.