The Hacker News

Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System

IBM disclosed a critical CVSS 9.8 authentication bypass in IBM API Connect that could allow remote access; patches are now ...
Bleeping Computer

Hackers exploit critical unpatched flaw in Zyxel CPE devices

Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. The vulnerability ...
Dark Reading

Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers

A command-injection vulnerability in Zyxel CPE Series devices is being targeted by threat actors, and there's no patch available. The bug, tracked as CVE-2024-40891, was first discovered by VulnCheck, ...
Infosecurity-magazine.com

NVD Revamps Operations as Vulnerability Reporting Surges

After a tumultuous year marked by internal turmoil and a mounting vulnerability backlog, the National Vulnerability Database (NVD) team within the US National Institute of Standards and Technology ...