An update for Plesk 12 (Windows) was just released to address various security vulnerabilities and it is recommended that you update as soon as possible.
An update for CloudLinux CageFS was just released to address a security vulnerability and it is recommended that you update as soon as possible. (This update was found by RACK911 Labs.) Join Our Online Security and Hosting Newsletter Today and stay updated with the latest news, updates, releases &…
Joomla! 3.7.1 is now available. This is a security release for the 3.x series of Joomla! which addresses one critical security vulnerability and several bug fixes. The security issue was found to be the result of inadequate filtering of requested data that lead to a SQL Injection vulnerability. We…
Oakley Capital has acquired web hosting control panel Plesk in a deal valued at $105 million, making Plesk a completely independent company from Parallels. According to a statement by Plesk on Friday, it plans to move beyond traditional web hosting into the hyperscale cloud – offering support for WordPress…
VMware has fixed a critical flaw in its vCenter Server that could be exploited to execute code remotely. The vulnerability affects vCenter versions 6.5 and 6.0. Users are urged to upgrade to versions 6.5c or 6.0U3b. US-CERT warned about the vulnerability, stressing exploitation could result in an attacker taking…
cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv2 scores ranging from…
An update for LiteSpeed 4 & 5 was just released to address a security vulnerability within OpenSSL (CVE-2015-1793) and it is recommended that you update as soon as possible. Join Our Online Security and Hosting Newsletter Today and stay updated with the latest news, updates, releases & much more….
Attackers are hijacking vulnerable home routers to launch attacks against WordPress sites. The attacks exploit two flaws in the TR-069 router management protocol to send malicious requests to port 7547. Experts have been advising home users to limit access to port 7547. Internet service providers (ISPs) could take steps…
A remote code execution vulnerability has been reported in Exim, with immediate public disclosure (we were given no private notice). A tentative patch exists but has not yet been confirmed. Exim is a widely used mail transfer agent used on Unix-like operating systems. Join Our Online Security and Hosting…
Researchers have discovered authorization bypass bugs in three WordPress plugins, making a total of 400,000 WordPress websites vulnerable to cyber attacks. The affected plugins are InfiniteWP, WP Time Capsule and the WP Database Reset plugin. Join Our Online Security and Hosting Newsletter Today and stay updated with the latest…
cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores ranging from…
Newsletter, a free WordPress plugin with more than 300,000 installations, was found to contain multiple vulnerabilities that could eventually lead to the takeover of an affected website. The bugs were discovered by the Wordfence team who notified the developer of the plugin. Join Our Online Security and Hosting Newsletter…
An update for Magento was just released to address a critical security vulnerability and it is recommended that you update as soon as possible. Official Link: http://bit.ly/1flmoA8 Source: hostingseclist.com Join Our Online Security and Hosting Newsletter Today and stay updated with the latest news, updates, releases & much more….
WordPress 4.3.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. This release addresses three issues, including two cross-site scripting vulnerabilities and a potential privilege escalation. Join Our Online Security and Hosting Newsletter Today and stay…
Researchers from universities in Adelaide, Eindhoven, Chicago, Maryland and Pennsylvania have published a paper describing how they used a local side-channel attack to break the Libgcrypt encryption library. The exploit could be used to recover a RSA-1024 key. Join Our Online Security and Hosting Newsletter Today and stay updated…
A vulnerability that VMware patched recently in some of its products, is currently being exploited and Russian threat actors are leveraging this vulnerability to install malware on corporate systems and access protected data, the National Security Agency (NSA) warned on Monday. Join Our Online Security and Hosting Newsletter Today…
