SecurityWeek

Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches

A stack-based buffer overflow vulnerability in HP VoIP phones allows remote attackers to execute arbitrary code with root ...
CSO Online

HP Poly VoIP vulnerability sets the stage for executive voice deepfakes

The remote code execution flaw enables root access and voice attacks on HP Poly VoIP phones, including eavesdropping and the ability to collect audio to generate deepfakes.
ZDNet

Green Dam exploit in the wild

An exploit for a flaw in censorware mandated by the Chinese government has been made publicly available for download on the internet. The buffer overflow flaw exists in the latest, patched version of ...
Ars Technica

Serious flaw that lurked in sudo for 9 years hands over root privileges

Sudo, a utility found in dozens of Unix-like operating systems, has received a patch for a potentially serious bug that allows unprivileged users to easily obtain unfettered root privileges on ...
CSOonline

CISA, FBI call software with buffer overflow issues ‘unforgivable’

The federal directive forbids vendors from shipping software with such flaws, and flags recent Microsoft, and Ivanti zero-days as examples. FBI and CISA have issued a joint advisory to warn software ...
Ars Technica

Exploit that gives remote access affects ~200 million cable modems

Hundreds of millions of cable modems are vulnerable to critical takeover attacks by hackers halfway around the world, researchers said. Cable Haunt, as the researchers have named their ...