Out-of-band update addresses an issue for which IBM X-Force researchers had wanted a new CVE, but which HelpSystems says is not specific to its software [300 words] What: HelpSystems on October 17…
Tag: RCE
Critical vulnerability puts vm2 JavaScript sandbox environments at risk of remote code execution attack
Key takeaway: “Although sandboxes are meant to run untrusted code within your application, you shouldn’t automatically assume that they are safe.”—Oxeye [260 words] What: Organizations using JavaScript sandbox vm2 should immediately update…
GLPI warns of massive exploit activity targeting one of two critical flaws disclosed in Sept.
Key takeaway: Update now to the latest versions of the IT asset management software. If you can’t, implement GLPI’s recommended mitigation. Attackers are targeting the flaw to execute arbitrary code on insecure servers…