Threat Post

Zero Day in Android’s Google Admin App Can Bypass Sandbox

The Android security team at Google is having a busy month. First the Stagefright vulnerabilities surfaced last month just before Black Hat and now researchers at MWR Labs have released information on ...
Bleeping Computer

Critical Ivanti vTM auth bypass bug now exploited in attacks

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in ...
Bleeping Computer

VMware urges admins to patch critical auth bypass bug immediately

VMware has warned admins today to patch a critical authentication bypass security flaw affecting local domain users in multiple products and enabling unauthenticated attackers to gain admin privileges ...
CSOonline

Some Brother printers have a remote code execution vulnerability, and they can’t fix it

An authentication bypass vulnerability in the printers, hardcoded at the factory, can be chained with another flaw for remote code execution on affected devices. Brother Industries is grappling with a ...