Tenable has identified a privilege escalation vulnerability in Google Cloud Run called ImageRunner. The vulnerability could have allowed attackers to bypass permissions, gain unauthorised access to container images and potentially expose sensitive data. Cloud Run, Google’s serverless container platform, uses a service agent with elevated permissions to pull private Google ContainerRead More…

Yealink has thanked Positive Technologies for discovering the critical vulnerability BDU:2024-00482 in its Yealink Meeting Server videoconferencing system. Yealink is a prominent VoIP provider and is among five major online conferencing vendors. Its products are used in 140 countries. The vendor was notified of the threat per the responsible disclosure policy and released a software patch.Read More…

Qualys has announced it acquired the assets of Blue Hexagon. This brings AI/machine learning (AI/ML) to the Qualys Cloud Platform to help convert petabytes of highly integrated data into meaningful insights for customers. This acquisition will enable Qualys to leverage its powerful Cloud Platform and its more than 10 trillionRead More…