#cybersecurity-vulnerability

[ follow ]
#data-breach #authentication-bypass #critical-patch #remote-code-execution #companies-house
#data-breach
fromBusiness Matters
15 hours ago
Privacy professionals

Companies House suspends online filing service after cyber vulnerability exposes director data

Companies House suspended its WebFiling service after a security vulnerability allowed users to access and edit other companies' sensitive personal data through a browser back button exploit.
fromLawSites
1 week ago
Information security

LexisNexis Says Data Breach Has Been Cointained; Hackers Claim Access to Government and Law Firm User Data

Hackers exploited an unpatched React vulnerability to breach LexisNexis servers, accessing millions of records including sensitive government employee data and plaintext credentials.
Privacy professionals
fromBusiness Matters
15 hours ago

Companies House suspends online filing service after cyber vulnerability exposes director data

Companies House suspended its WebFiling service after a security vulnerability allowed users to access and edit other companies' sensitive personal data through a browser back button exploit.
Information security
fromLawSites
1 week ago

LexisNexis Says Data Breach Has Been Cointained; Hackers Claim Access to Government and Law Firm User Data

Hackers exploited an unpatched React vulnerability to breach LexisNexis servers, accessing millions of records including sensitive government employee data and plaintext credentials.
more#data-breach
Information security
fromSecurityWeek
2 days ago

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets

HPE released patches for a critical vulnerability in Aruba Networking AOS-CX switches that allows remote, unauthenticated attackers to reset administrator passwords and gain full system control.
Information security
fromTheregister
4 days ago

CISA says n8n critical bug exploited in real-world attacks

CISA mandates immediate patching of CVE-2025-68613, a critical 9.9-severity remote code execution vulnerability in n8n workflow automation platform affecting over 103,000 users.
fromThe Hacker News
1 week ago

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

A malicious unauthenticated actor may exploit this issue to execute arbitrary commands, which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. The shortcoming was addressed, along with CVE-2026-22720, a stored cross-site scripting vulnerability, and CVE-2026-22721, a privilege escalation vulnerability that could result in administrative access.
Information security
Information security
fromComputerWeekly.com
2 weeks ago

Cisco Catalyst SD-WAN users targeted in series of cyber attacks | Computer Weekly

UK and Five Eyes agencies warn of active threat campaigns targeting Cisco Catalyst SD-WAN products, requiring immediate investigation and patching of critical authentication bypass vulnerabilities.
[ Load more ]