The vulnerable versions are 2.7.8 and older, and the best way to address the risk is to update to 2.7.9 or later, which came out on Friday. The latest beta and test versions have also been patched.

The warnings include a renewed effort to inform business executives, academics and local and state government officials about the risks of accepting Chinese investment or expertise in key industries.

Over 126 million malicious emails have been fired at U.K House of Commons (HoC) inboxes this year, a 358% increase on the total figure for 2020, according to new figures from Parliament Street.

A security researcher found a critical vulnerability in Polygon’s Plasma Bridge that could have allowed a malicious user to submit the same withdrawal transaction 224 times, with different exit IDs.

More than 200 teams from across the United States participated in the National Computer Forensics Institute’s (NCFI’s) Training and Cyber Games competition, which took place earlier this month.

Cisco addressed a high-severity OS command-injection vulnerability, tracked as CVE-2021-1529, in Cisco SD-WAN that could allow privilege escalation and lead to arbitrary code execution.

The new utility from Facebook features a simple interface that allows researchers to create unique internal endpoint URLs for targeting and then learn whether their URLs have been hit by SSRF attempt.

Threat actors are selling a database containing 50 million records of Moscow drivers on an underground forum for only $800. The data contains records collected between 2006 and 2019.

Microsoft topped the list as 29% of all brand phishing attempts were related to the Redmond-based technology giant. Other impersonated brands include Amazon (13%), DHL (9%), and Bestbuy (8%).

A new China-linked LightBasin threat actor group emerged as a new threat for telecommunication companies as researchers dug out a string of attacks designed to gather valuable information.