Microsoft has issued a warning over ViewState code injection attacks on ASP.NET websites, where remote code execution can enable cybercriminals to inject malicious code. There are reportedly thousands of publicly available machine keys, originally designed to protect ViewState data, now being used by developers to side-step the process of generating their own, increasing the risk. Microsoft recommends developers generate their own keys, encrypt sensitive data and migrate to newer versions of ASP.NET.
Cisco Smart Software Manager Vulnerability Let Attackers Execute Arbitrary Commands
Cisco has issued an urgent security warning regarding a critical vulnerability in its Smart Software Manager On-Prem (SSM On-Prem) platform. Enterprise organizations widely use this
