CISA adds iPhone bugs to its Known Exploited Vulnerabilities catalog
The three issues reside in the WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373
Read More...
Barracuda warns of email gateways breached via zero-day flaw
The company advises organizations to review their environments to confirm the threat actors did not spread to other devices on the network
Read More...
Cisco warns of critical switch bugs with public exploit code
All four security flaws received almost maximum severity ratings with CVSS base scores of 9.8/10
Read More...
Apple fixes three new zero-days exploited to hack iPhones, Macs
The security bugs were all found in the multi-platform WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373
Read More...
Parental control app with 5 million downloads vulnerable to attacks
Impacted by multiple vulnerabilities that could enable attackers to upload arbitrary files on protected devices, steal user credentials, and allow children to bypass restrictions without the parents noticing
Read More...
Microsoft Fixes Failed Patch for Exploited Outlook Vulnerability
An unauthenticated attacker on the internet could use the vulnerability to coerce an Outlook client to connect to an attacker-controlled server
Read More...
Fortinet Patches High-Severity Vulnerabilities in FortiADC, FortiOS
An attacker could exploit the bug via crafted arguments to existing commands, allowing them to execute unauthorized commands
Read More...
Cisco phone adapters vulnerable to RCE attacks, no fix available
A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges
Read More...
Cisco discloses XSS zero-day flaw in server management tool
Successful exploitation enables unauthenticated attackers to launch cross-site scripting attacks remotely but requires user interaction
Read More...
VMware Releases Critical Patches for Workstation and Fusion Software
A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host
Read More...