Dark Reading

Path Traversal Bug Besets Popular Kyocera Office Printers

A newly published path traversal vulnerability could enable account takeover, data theft, and follow-on attacks at organizations using Kyocera printers and other multifunction devices. Kyocera is a ...
IT News For Australia Business

Serious path traversal bug found in Microsoft's NLWeb "Agentic Web" tool

Microsoft's open source NLWeb framework for delivering AI-driven agentic web applications shipped with an easy to exploit path traversal vulnerability that revealed the context of sensitive system ...
ITWire

From path traversal to supply chain compromise: breaking MCP server hosting

COMPANY NEWS: We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered ...
Bleeping Computer

Apache fixes actively exploited zero-day vulnerability, patch now

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...
Bleeping Computer

SolarWinds Serv-U path traversal flaw actively exploited in attacks

Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. Although the attacks do not appear particularly ...
Dark Reading

Don't Underestimate Directory Traversal Attacks

About as simple to fix as they are to exploit, directory traversal vulnerabilities stand as a persistent threat in the application environment. Yet it is one that many developers and even security ...