Orbit Network LLC

07/27/2023

Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws

Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges on a massive number of devices.

07/18/2023

Hackers exploiting critical WordPress WooCommerce Payments bug

Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation.

07/06/2023

StackRot Linux kernel flaw could allow attackers to gain root privileges.StackRot impacts all kernel configurations on Linux versions 6.1 through 6.4.

Update your systems today!

CVE-2023-3269

07/06/2023

Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download.

Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download. The Akira ransomware appeared in March 2023 and since then, the gang claims successful attacks on various organizations in the education, finance and real estate industries, amongst others.

07/06/2023

high-severity vulnerability CVE-2023-20185 in Cisco Nexus 9000 series switches ACI multi-site CloudSec encryption feature could allow attackers to intercept and modify encrypted traffic.

No fix yet

A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the implementation of the ciphers t...

07/06/2023

Microsoft is again pushing a Defender Antivirus update (first issued in April and pulled in May) that fixes a known issue triggering Windows Security warnings that Local Security Authority (LSA) Protection is off.

07/05/2023

The massive bug at the heart of the npm ecosystem

The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack.

An overview of the new features released in v1 - code block copy, multiple authors, frontmatter layout and more

07/04/2023

No less than 330000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that have come under active exploitation in the wild.

CVE-2023-27997 (CVSS score: 9.8), also called XORtigate, is a critical vulnerability impacting Fortinet FortiOS and FortiProxy SSL-VPN appliances that could allow a remote attacker to execute arbitrary code or commands via specifically crafted requests

01/22/2022

Backdoor Found in Themes and Plugins from AccessPress Themes

Please update and take action as soon as possible.

We discovered a backdoor in themes and plugins by AccessPress Themes. If you have any of these themes or plugins on your site, we recommend updating or migrating to a new theme as soon as possible.

01/11/2022

WordPress 5.8.3 Security Release

Filed under Releases, Security.
This security release features four security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated.

This security release features four security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been upd…