Critical Remote Code Execution Flaw Discovered in Kubernetes Ingress NGINX Controller
Security researchers have uncovered severe vulnerabilities in the Ingress NGINX Controller that could allow attackers to remotely compromise Kubernetes clusters without authentication. The flaws, affecting over 6,500 exposed clusters including Fortune 500 companies, received a near-maximum severity score of 9.8.
Critical PHP Voyager Vulnerabilities Enable Remote Code Execution Through One-Click Attacks
Three severe security flaws discovered in the PHP Voyager package allow attackers to execute malicious code through deceptive file uploads and XSS exploits. Despite being reported in September 2024, these vulnerabilities remain unpatched, putting organizations using Voyager at significant risk.
Critical SimpleHelp Vulnerabilities Expose Networks to Remote Attacks
Multiple severe security flaws discovered in SimpleHelp remote access software enable attackers to steal files, escalate privileges, and execute malicious code. The vulnerabilities, found by Horizon3.ai researchers, have been patched in recent versions but require immediate updates.
Critical Fortinet Vulnerabilities Expose Cybersecurity Gaps and Corporate Responsibility
A severe vulnerability chain in Fortinet's FortiWLM system highlights industry-wide cybersecurity challenges and corporate accountability issues. The flaws, which could enable root-level Remote Code Execution, emphasize the critical importance of timely security patches and proactive protection measures.