The Hacker News18h
New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image ( AMI) with a specific name to gain code execution ...
Critical PostgreSQL bug tied to zero-day attack on US Treasury
The vulnerability in the PostgreSQL interactive tool (psql) can lead to arbitrary code execution (ACE) and there is also a ...
Ivanti: Critical code smuggling vulnerabilities in VPN and CSA
There are critical security leaks in Ivanti's VPN software ICS, IPS and ISAC as well as in Ivanti CSA. Attackers can plant ...
SecurityWeek3d
Adobe Plugs 45 Software Security Holes, Warns of Code Execution Risks
Adobe patches 45 vulnerabilities across multiple products and warns of remote code execution exploitation risks.