Episode 121: Wordfence is Now a CVE Numbering Authority (CNA)
Wordfence is now a CVE Numbering Authority, or a CNA. As a CNA, Wordfence can now assign CVE IDs for new vulnerabilities in WordPress Core, WordPress Plugins and WordPress Themes.…
Episode 120: Jetpack Autoupdate Security Patch Bypasses Local Settings
A security fix for an information leak vulnerability was pushed out to WordPress sites using Jetpack that bypassed local settings preventing autoupdates. A ransomware attack on JBS that shut down…
Episode 119: Critical VMWare Vulnerability Threatens Data Centers
A Critical Vulnerability in VMWare’s vCenter Server threatens some of the largest data centers in the world. An actively exploited 0-day in macOS was used to take screen shots of…
Episode 118: Four Android Vulnerabilities Under Active Attack
Four memory corruption vulnerabilities are being actively exploited on Android devices and nearly 2 dozen popular Android apps exposed over 100 Million users’ sensitive information in cloud databases. Over 600,000…