Microsoft Exchange Server 2013 has reached end of support on April 11, 2023, and will no longer receive security patches. The product will still work, but Microsoft is no longer providing technical support, bug fixes, and time zone updates. Furthermore, there will be no fixes for vulnerabilities that could be exploited by hackers. Microsoft has…
Cybersecurity firm Aqua Security warns that two recently patched vulnerabilities affecting Jenkins servers, tracked as CVE-2023-27898 and CVE-2023-27905, can be chained together to achieve remote code execution. The first vulnerability is a high-severity XSS bug that affects Jenkins versions 2.270 through 2.393 and long-term support (LTS) releases 2.277.1 through 2.375.3. The vulnerability exists because Jenkins…
Austrian hotel chain Falkensteiner was recently the victim of a data breach when a researcher discovered an unprotected server storing the personal information of a significant number of customers. Anurag Sen, a researcher at cloud security firm CloudDefense.AI, discovered the exposed data and conducted an analysis which showed that the data was associated with Gustaffo,…