Patching – Securitydive

1,400 GitLab Servers Impacted by Exploited Vulnerability

admin3 months ago03 mins

A critical vulnerability in GitLab’s email verification process, which can lead to password hijacking, is being exploited in the wild, the US cybersecurity agency CISA warns. Tracked as CVE-2023-7028 (CVSS score of 10/10), the flaw allows for password reset messages to be sent to email addresses that have not been verified, enabling attackers to hijack…

Sternum Announced Enhanced Security for the ChargePoint Home Flex.

admin6 months ago06 mins

Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. In a comprehensive research project, Sternum identified a potential vulnerability involving the reverse SSH tunnel and deprecated NTP client and HTTP servers. ChargePoint, with its last firmware update, has disabled the HTTP server and updated the NTP…