Toggle light / dark theme

Over 660,000 Rsync servers exposed to code execution attacks

Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers.

Rsync is an open-source file synchronization and data transferring tool valued for its ability to perform incremental transfers, reducing data transfer times and bandwidth usage.

It supports local file systems transfers, remote transfers over secure protocols like SSH, and direct file syncing via its own daemon.

W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks

A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps.

The W3 Total Cache plugin uses multiple caching techniques to optimize a website’s speed, reduce load times, and generally improve its SEO ranking.

The flaw is tracked as CVE-2024–12365 despite the developer releasing a fix in the latest version of the product, hundreds of thousands of websites have still to install the patched variant.

Record-breaking Rf-252: Researchers produce shortest-lived superheavy nucleus and measure its subsequent decay

A team of researchers from GSI/FAIR, Johannes Gutenberg University Mainz, and the Helmholtz Institute Mainz has succeeded in exploring the limits of the so-called island of stability within the superheavy nuclides more precisely by measuring the superheavy rutherfordium-252 nucleus, which is now the shortest-lived known superheavy nucleus.

Their results are published in Physical Review Letters.

/* */