A critical vulnerability in Moodle, an open source system deployed across hundreds of thousands of universities, could expose the server to compromise.
A severe vulnerability has been disclosed in libpurple, the library used in the development of a number of popular instant messaging clients, including Adium for the macOS platform.
Cisco said an unpatched critical vulnerability exposed by WikiLeaks’ Vault 7 release of CIA documents could give an attacker full control of the targeted switches and routers.
Researchers at SEC Consult disclosed a command injection vulnerability in Ubiquiti Networks gear for ISPs after a private disclosure to the vendor in November went unresolved.
Mike Mimoso and Chris Brook discuss the news of the week, including Pwn2Own 2017, Microsoft’s silence around February’s Patch Tuesday, and a nasty SAP bug.
Security tools that proxy and inspect HTTPS traffic create a blindspot for network administrators trying to determine whether communication between clients and servers is secure.