Vulnerabilities Archives - Page 6 of 6

Here’s what you need to know about the new (actively exploited) Microsoft Exchange Server 0-Days: CVE-2022-41040 and CVE-2022-41082

Posted on October 6, 2022

Latest update: Microsoft has updated its mitigation for the flaw. Implement it. [265 words] What: Two zero-day vulnerabilities exist in Microsoft Exchange Server 2013, 2016 and 2019. One of the flaws CVE-2022-41040,…

Newly disclosed vulnerability in PHP package repository highlights growing software supply chain risks

Posted on October 6, 2022

Key takeaway: Attackers are increasingly trying to infiltrate software development environments via malicious and poisoned packages on public code repositories. Robust SBOM and SCA practices are key to mitigating the threat [289…