patch

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)

0-day, CISA, Don't miss, endpoint management, enterprise, Hot stuff, Ivanti, News, patch /

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281) 2026-01-30 at 05:32 By Zeljka Zorz Ivanti has released provisional patches that fix two critical code injection vulnerabilities in Endpoint Manager Mobile (EPMM), one of which (CVE-2026-1281) has been exploited in zero-day attacks and has been added to CISA’s Known Exploited Vulnerabilities catalog. Investigating potential […]

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281) Read More »

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

Data Protection, OpenSSL, patch, remote code execution, Vulnerabilities, vulnerability /

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL 2026-01-28 at 09:48 By Eduard Kovacs A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm. The post High-Severity Remote Code Execution Vulnerability Patched in OpenSSL appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL Read More »

Atlassian, GitLab, Zoom Release Security Patches

Atlassian, GitLab, patch, Vulnerabilities, vulnerability, Zoom /

Atlassian, GitLab, Zoom Release Security Patches 2026-01-22 at 11:49 By Ionut Arghire Fixes were rolled out for over two dozen vulnerabilities, including critical- and high-severity bugs. The post Atlassian, GitLab, Zoom Release Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Atlassian, GitLab, Zoom Release Security Patches Read More »

Cisco Patches Vulnerability Exploited by Chinese Hackers

Cisco, exploited, patch, Vulnerabilities /

Cisco Patches Vulnerability Exploited by Chinese Hackers 2026-01-16 at 11:54 By Ionut Arghire UAT-9686 exploited the bug to deploy the AquaShell backdoor on Cisco appliances with certain ports open to the internet. The post Cisco Patches Vulnerability Exploited by Chinese Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches Vulnerability Exploited by Chinese Hackers Read More »

Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes

Featured, Fingerprint, patch, Privacy, Vulnerabilities, vulnerability /

Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes 2026-01-05 at 14:18 By Eduard Kovacs WhatsApp device fingerprinting can be useful in the delivery of sophisticated spyware, but impact is very limited without a zero-day. The post Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes appeared first on SecurityWeek. This

Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes Read More »

Fortinet Patches Critical Authentication Bypass Vulnerabilities

Fortinet, patch, Vulnerabilities, vulnerability /

Fortinet Patches Critical Authentication Bypass Vulnerabilities 2025-12-10 at 15:18 By Ionut Arghire The two security defects impact FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager with FortiCloud SSO login authentication enabled. The post Fortinet Patches Critical Authentication Bypass Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Critical Authentication Bypass Vulnerabilities Read More »

SAP Patches Critical Vulnerabilities With December 2025 Security Updates

patch, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Vulnerabilities With December 2025 Security Updates 2025-12-10 at 14:39 By Ionut Arghire Affecting Solution Manager, Commerce Cloud, and jConnect SDK, the bugs could lead to code injection and remote code execution. The post SAP Patches Critical Vulnerabilities With December 2025 Security Updates appeared first on SecurityWeek. This article is an excerpt from

SAP Patches Critical Vulnerabilities With December 2025 Security Updates Read More »

Microsoft Silently Mitigated Exploited LNK Vulnerability

Endpoint Security, Featured, LNK, Microsoft, patch, Vulnerabilities, Windows /

Microsoft Silently Mitigated Exploited LNK Vulnerability 2025-12-03 at 14:35 By Ionut Arghire Windows now displays in the properties tab of LNK files critical information that could reveal malicious code. The post Microsoft Silently Mitigated Exploited LNK Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Silently Mitigated Exploited LNK Vulnerability Read More »

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases

Chrome, Firefox, patch, Vulnerabilities, vulnerability /

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases 2025-11-13 at 07:38 By Ionut Arghire Google and Mozilla have released fresh Chrome and Firefox updates that address multiple high-severity security defects. The post Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases appeared first on SecurityWeek. This article is an excerpt

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases Read More »

SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager

patch, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager 2025-11-11 at 16:59 By Ionut Arghire Hardcoded credentials in SQL Anywhere Monitor could allow attackers to execute arbitrary code on vulnerable deployments. The post SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager Read More »

Chrome 142 Update Patches High-Severity Flaws

Chrome, patch, Vulnerabilities, vulnerability /

Chrome 142 Update Patches High-Severity Flaws 2025-11-07 at 12:35 By Ionut Arghire An out-of-bounds write flaw in WebGPU tracked as CVE-2025-12725 could be exploited for remote code execution. The post Chrome 142 Update Patches High-Severity Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 142 Update Patches High-Severity Flaws Read More »

Cisco Patches Critical Vulnerabilities in Contact Center Appliance

Cisco, patch, Vulnerabilities, vulnerability /

Cisco Patches Critical Vulnerabilities in Contact Center Appliance 2025-11-06 at 14:50 By Ionut Arghire The flaws allow attackers to execute arbitrary code remotely and elevate their privileges to root on an affected system. The post Cisco Patches Critical Vulnerabilities in Contact Center Appliance appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Cisco Patches Critical Vulnerabilities in Contact Center Appliance Read More »

Android Update Patches Critical Remote Code Execution Flaw

Android, Mobile & Wireless, patch /

Android Update Patches Critical Remote Code Execution Flaw 2025-11-04 at 11:24 By Ionut Arghire The November 2025 Android patches resolve two vulnerabilities, both in the platform’s System component. The post Android Update Patches Critical Remote Code Execution Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Android Update Patches Critical Remote Code Execution Flaw Read More »

ConnectWise Patches Critical Flaw in Automate RMM Tool

ConnectWise, MITM, patch, Vulnerabilities, vulnerability /

ConnectWise Patches Critical Flaw in Automate RMM Tool 2025-10-20 at 16:07 By Ionut Arghire Attackers could exploit vulnerable deployments to intercept and tamper with communications in certain configurations. The post ConnectWise Patches Critical Flaw in Automate RMM Tool appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ConnectWise Patches Critical Flaw in Automate RMM Tool Read More »

‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability

ASP.NET, Microsoft, patch, Vulnerabilities, vulnerability /

‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability 2025-10-17 at 15:59 By Ionut Arghire CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes. The post ‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability appeared first on SecurityWeek. This article is an

‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability Read More »

Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws

Endpoint Security, Featured, Microsoft, patch, Patch Tuesday, vulnerability /

Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws 2025-10-15 at 07:40 By Ionut Arghire The tech giant has rolled out fixes for 173 CVEs, including five critical-severity security defects. The post Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws Read More »

Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities

Chrome, Firefox, patch, Vulnerabilities /

Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities 2025-10-03 at 11:44 By Ionut Arghire High-severity flaws were patched in Chrome’s WebGPU and Video components, and in Firefox’s Graphics and JavaScript Engine components. The post Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities Read More »

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)

Don't miss, Hot stuff, News, patch, SolarWinds, vulnerability /

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399) 2025-09-24 at 19:44 By Zeljka Zorz SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution. While the vulnerability is currently not being leveraged by attackers, they might soon reverse-engineer the

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399) Read More »

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability

exploited, Featured, patch, SolarWinds, Vulnerabilities, Web Help Desk /

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability 2025-09-23 at 19:51 By Ionut Arghire CVE-2025-26399 is a patch bypass of CVE-2024-28988, which is a patch bypass of the exploited CVE-2024-28986. The post SolarWinds Makes Third Attempt at Patching Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability Read More »

All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher

cloud security, Entra, Microsoft, Microsoft Entra, patch /

All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher 2025-09-23 at 16:05 By Kevin Townsend The strength of responsible disclosure is that it can solve problems before they are actioned. The weakness is that it potentially generates a false sense of security in the vendor. The post All Microsoft Entra

All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher Read More »

Scroll to Top