CISA adds iPhone bugs to its Known Exploited Vulnerabilities catalog
The three issues reside in the WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373
Read More...
Barracuda warns of email gateways breached via zero-day flaw
The company advises organizations to review their environments to confirm the threat actors did not spread to other devices on the network
Read More...
Cisco warns of critical switch bugs with public exploit code
All four security flaws received almost maximum severity ratings with CVSS base scores of 9.8/10
Read More...
Apple fixes three new zero-days exploited to hack iPhones, Macs
The security bugs were all found in the multi-platform WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373
Read More...
Parental control app with 5 million downloads vulnerable to attacks
Impacted by multiple vulnerabilities that could enable attackers to upload arbitrary files on protected devices, steal user credentials, and allow children to bypass restrictions without the parents noticing
Read More...
Microsoft Fixes Failed Patch for Exploited Outlook Vulnerability
An unauthenticated attacker on the internet could use the vulnerability to coerce an Outlook client to connect to an attacker-controlled server
Read More...
Fortinet Patches High-Severity Vulnerabilities in FortiADC, FortiOS
An attacker could exploit the bug via crafted arguments to existing commands, allowing them to execute unauthorized commands
Read More...
Cisco phone adapters vulnerable to RCE attacks, no fix available
A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges
Read More...
Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected
Federal Civilian Executive Branch (FCEB) agencies are required to apply vendor-provided fixes by May 22, 2023, to secure their networks against these active threats
Read More...
Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now
Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device
Read More...