Microsoft December 2022 Patch Tuesday fixes 2 zero-days, 49 flaws
Six of the 49 vulnerabilities fixed with this update are classified as 'Critical' as they allow remote code execution, one of the most severe vulnerabilities
Read More...
New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browsers to address a new zero-day vulnerability that results in remote code execution
Read More...
New Python malware backdoors VMware ESXi servers for remote access
A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system
Read More...
Fortinet says the SSL-VPN pre-auth RCE bug is exploited in attacks
Fortinet urges customers to patch their appliances against an actively exploited FortiOS SSL-VPN vulnerability that could allow unauthenticated remote code execution on devices
Read More...
Hackers exploit critical Citrix ADC and Gateway zero-day
This new vulnerability allows an unauthenticated attacker to execute commands remotely on vulnerable devices and take control of them
Read More...
Google Chrome Flaw Added to CISA Patch List
Google has already released a fixed version of Chrome browser for Windows, Mac, and Linux users. CISA has given government agencies until Dec. 26 to get a patch
Read More...
Cisco discloses high-severity IP phone bug with exploit code
Cisco has disclosed today a high-severity vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks
Read More...
Automated dark web markets sell corporate email accounts for $2
Security researchers who followed this trend have reported at least 225,000 email accounts for sale on underground markets
Read More...
Sophos fixed a critical flaw in its Sophos Firewall version 19.5
Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, including arbitrary code execution issues
Read More...
Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions
An analysis of firmware images across devices from Dell, HP, and Lenovo has revealed the presence of outdated versions of the OpenSSL cryptographic library, underscoring a supply chain risk
Read More...