Business 2 Community

Directory Traversal — Web-based Application Security, Part 8

In a world driven by digital technology, having an online presence is no longer an option for individuals and organizations. However, exposing your business to the digital universe comes with website ...
Bleeping Computer

Latest Path Traversal news

Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop ...
Threat Post

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more. The Feds are warning that nation-state ...
Threat Post

Cisco Patches Critical Flaw After PoC Exploit Code Release

A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers. A day after proof-of-concept (PoC) exploit ...
Searchenginejournal.com

WordPress Security Plugin Vulnerability Affects +1 Million Sites

WordPress security plugin discovered to have two vulnerabilities that could allow a malicious upload, cross-site scripting and allow viewing of contents of arbitrary files. All-In-One Security (AIOS) ...
Bleeping Computer

Fortinet: New FortiOS bug used as zero-day to attack govt networks

Unknown attackers used zero-day exploits to abuse a new FortiOS bug patched this month in attacks targeting government and large organizations that have led to OS and file corruption and data loss.