Lexmark warns of RCE bug affecting 100 printer models, PoC released
Lexmark has released a security firmware update to fix a severe vulnerability that could enable remote code execution (RCE) on more than 100 printer models. [...]
Security warnings identify potential threats, unsafe configurations, or urgent weaknesses so organizations can assess risk and take protective action.
Search across headline titles and summaries.
Background for this topic.
Warning is a notification that a security-relevant condition may require attention, such as a newly disclosed vulnerability, suspicious authentication activity, malicious campaign, unsafe configuration, or deceptive message. In security news, the term commonly covers public advisories and threat-intelligence notices as well as operational alerts generated by defensive systems; it does not by itself prove that an attack or compromise has occurred.
Practitioners should assess the warning’s source, affected products or environments, evidence, severity, exploitability, and recommended action. Vulnerability warnings may require identifying exposed assets, applying a fix or mitigation, and checking for exploitation; campaign warnings may provide indicators for detection and investigation. Alerts should be triaged against logs and other evidence, with significant findings routed into incident response. Because attackers can imitate urgent security notices, recipients should verify requests and access instructions through trusted channels, while excessive or poorly tuned alerts can create fatigue and obscure genuinely important signals.
Lexmark has released a security firmware update to fix a severe vulnerability that could enable remote code execution (RCE) on more than 100 printer models. [...]
The U.K. National Cyber Security Centre (NCSC) has issued a warning of Russian and Iranian state-sponsored hackers increasingly targeting organizations and individuals. [...]
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups containing customer information and an encryption key for a portion of that data. [...]
The Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) affecting most Zoho ManageEngine products to its catalog of bugs known to be exploited in the wild. [...]
The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security breach, urging users to remain vigilant against phishing emails. [...]
The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security breach, urging users to remain vigilant against phishing emails. [...]