TP-Link warns users to patch critical router auth bypass flaw

TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow ...
CSOonline

Group permission misconfiguration exposes Google Kubernetes Engine clusters

It's easy for admins to misunderstand what GKE considers authenticated users and set permissions that could allow anyone with a Google account to access their systems. Researchers warn that many ...
CSOonline

Misconfigurations can cause many Microsoft Power Pages sites to expose sensitive data

Organizations that develop websites with Microsoft Power Pages can accidentally overprovision database privileges for authenticated or anonymous users, leading to the exposure of sensitive records, a ...
Bleeping Computer

Email addresses of 15 million Trello users leaked on hacking forum

A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. Trello is an online project management tool owned by ...