A new vulnerability, CVE-2024-42195, has been identified in HCL DevOps Deploy and HCL Launch, enabling users to embed arbitrary HTML tags in the Web UI, causing potential sensitive information disclosure. HCL Software has urged users to update their systems to safeguard against exploitation. No workarounds or alternative mitigations are currently available.
Best of the Worst: Five Attacks That Looked Broken (and Worked)
I skipped last week’s roundup. Holiday weekend, family stuff, the usual. So this is a two-week-ish view of what we’ve published in the Threat Intelligence
