vulnerabilities affecting the Nissan Leaf electric vehicle Researchers have demonstrated that a series of vulnerabilities affecting the Nissan Leaf electric vehicle can be exploited to remotely hack the car, including for spying and the physical takeover of various functions. The research was conducted by PCAutomotive, a company that offers penetration testing and threat intelligence services…
Palo Alto Networks has disclosed multiple critical security vulnerabilities in its Expedition migration tool, including a concerning OS command injection flaw that enables attackers to execute arbitrary commands and access sensitive firewall credentials. The command injection vulnerability (CVE-2025-0107) allows authenticated attackers to run arbitrary OS commands as the www-data user, potentially exposing usernames, cleartext passwords, device…
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. Cisco described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return…
