Blueliv Intelligence Briefing
Your cybersecurity news summary
Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.
Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.
New zero-day RCE vBullentin bug patched
The zero-day is a bypass for a patch from a previous vBulletin zero-day — namely CVE-2019-16759, disclosed in September 2019. The previous zero-day allowed attackers to exploit a bug in the vBulletin template system to run malicious code and take over forums without needing to authenticate on the victim sites (a type of bug called a pre-auth RCE). However, a researcher said he found a simple way to bypass the patch and continue to exploit the same CVE-2019-16759 vulnerability Learn more >