Vulnerabilities

Citrix Patches Critical NetScaler ADC, Gateway Vulnerability

Vulnerabilities /

Citrix Patches Critical NetScaler ADC, Gateway Vulnerability 11/10/2023 at 17:02 By Ionut Arghire Citrix has released patches for a critical information disclosure vulnerability in NetScaler ADC and NetScaler Gateway. The post Citrix Patches Critical NetScaler ADC, Gateway Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React […]

React to this headline:

Loading spinner

Citrix Patches Critical NetScaler ADC, Gateway Vulnerability Read More »

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks

DDoS, HTTP, Network Security, Rapid Reset, Vulnerabilities /

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks 11/10/2023 at 15:33 By Eduard Kovacs Organizations respond to HTTP/2 Rapid Reset zero-day vulnerability exploited to launch the largest DDoS attacks seen to date.  The post Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks Read More »

Chrome 118 Patches 20 Vulnerabilities

Chrome, Vulnerabilities /

Chrome 118 Patches 20 Vulnerabilities 11/10/2023 at 15:33 By Ionut Arghire Google has released Chrome 118 to the stable channel with patches for 20 vulnerabilities, including one rated ‘critical severity’. The post Chrome 118 Patches 20 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Chrome 118 Patches 20 Vulnerabilities Read More »

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability 

CISA KEV, exploited, Vulnerabilities /

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability  11/10/2023 at 13:48 By Ionut Arghire CISA has added five bugs to its Known Exploited Vulnerabilities catalog, including the recent WordPad, Skype, and HTTP/2 zero-days. The post CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability  Read More »

Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks

Atlassian, Confluence, CVE-2023-22515, Cyberwarfare, Incident Response, Nation-State, Storm-0062, Vulnerabilities /

Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks 11/10/2023 at 03:01 By Ryan Naraine Microsoft says an APT group tracked as Storm-0062 has been hacking Confluence installations since mid-September, three weeks before Atlassian’s disclosure. The post Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks Read More »

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

Application Security, CVE-2023-36563, CVE-2023-41763, CVE-2023-44487, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities /

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business 10/10/2023 at 21:32 By Ryan Naraine Microsoft patches more than 100 vulnerabilities across the Windows ecosystem and warned that three are already being exploited in the wild. The post Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business Read More »

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop

Adobe, CVE-2023-26370, Incident Response, magento, Malware & Threats, Patch Tuesday, Vulnerabilities /

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop 10/10/2023 at 20:17 By Ryan Naraine Adobe Commerce customers exposed to code execution, privilege escalation, arbitrary file system read, and security feature bypass attacks. The post Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop Read More »

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems

GNOME, Linux, Vulnerabilities /

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems 10/10/2023 at 17:02 By Eduard Kovacs A one-click exploit targeting the Libcue component of the GNOME desktop environment could pose a serious threat to Linux systems. The post One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems Read More »

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero

Featured, Google, Hacker Conversations, Vulnerabilities, vulnerability reserach /

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero 10/10/2023 at 15:37 By Kevin Townsend SecurityWeek continues its Hacker Conversations series in a discussion with Natalie Silvanovich, a member of of Google’s Project Zero. The post Researcher Conversations: Natalie Silvanovich From Google’s Project Zero appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero Read More »

Google Expands Bug Bounty Program With Chrome, Cloud CTF Events

bug bounty program, Google, Vulnerabilities /

Google Expands Bug Bounty Program With Chrome, Cloud CTF Events 09/10/2023 at 15:01 By Ionut Arghire Google is hosting capture the flag (CTF) events focused on Chrome’s V8 engine and on Kernel-based Virtual Machine (KVM). The post Google Expands Bug Bounty Program With Chrome, Cloud CTF Events appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Google Expands Bug Bounty Program With Chrome, Cloud CTF Events Read More »

Patches Prepared for ‘Probably Worst’ cURL Vulnerability

Curl, Vulnerabilities /

Patches Prepared for ‘Probably Worst’ cURL Vulnerability 09/10/2023 at 15:01 By Ionut Arghire A high-severity vulnerability in the data transfer project cURL will be addressed with libcurl and curl updates this week. The post Patches Prepared for ‘Probably Worst’ cURL Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Patches Prepared for ‘Probably Worst’ cURL Vulnerability Read More »

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws

Bluetooth, CISA, CISA KEV, Featured, Vulnerabilities /

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws 06/10/2023 at 13:46 By Eduard Kovacs CISA has removed from its KEV catalog five Owl Labs video conferencing flaws that require the attacker to be in Bluetooth range. The post CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws appeared first on

React to this headline:

Loading spinner

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws Read More »

Cisco Plugs Gaping Hole in Emergency Responder Software

Cisco, Cisco Emergency Responder, cloud security, CVSS 9.8, disaster recovery, Incident Response, Vulnerabilities /

Cisco Plugs Gaping Hole in Emergency Responder Software 05/10/2023 at 21:31 By Ryan Naraine Cisco warns that unauthenticated, remote attackers can log into devices using root account, which has default, static credentials that cannot be changed or deleted. The post Cisco Plugs Gaping Hole in Emergency Responder Software appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Cisco Plugs Gaping Hole in Emergency Responder Software Read More »

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day

apple, iOS, iOS 17.0.3, Malware & Threats, Mobile & Wireless, Nation-State, Vulnerabilities, Zero-Day /

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day 04/10/2023 at 22:16 By Ryan Naraine Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down. The post Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day Read More »

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day

Application Security, Atlassian, Confluence, Malware & Threats, Vulnerabilities, Zero-Day /

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day 04/10/2023 at 20:16 By Ryan Naraine Atlassian confirms that “a handful of customers” were hit by exploits targeting a remotely exploitable flaw in its Confluence Data Center and Server products. The post Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day Read More »

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks

Endpoint Security, Vulnerabilities /

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks 04/10/2023 at 18:16 By Ionut Arghire Supermicro has released BMC IPMI firmware updates to address multiple vulnerabilities impacting select motherboard models. The post New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks Read More »

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions

Linux, Vulnerabilities /

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions 04/10/2023 at 16:16 By Ionut Arghire A local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges. The post Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions Read More »

Qualcomm Patches 3 Zero-Days Reported by Google

Featured, Mobile & Wireless, Qualcomm, Vulnerabilities /

Qualcomm Patches 3 Zero-Days Reported by Google 04/10/2023 at 13:31 By Eduard Kovacs Qualcomm has patched more than two dozen vulnerabilities, including three zero-days that may have been exploited by spyware vendors. The post Qualcomm Patches 3 Zero-Days Reported by Google appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Qualcomm Patches 3 Zero-Days Reported by Google Read More »

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies

AI, Artificial Intelligence, Featured, Vulnerabilities /

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies 03/10/2023 at 19:18 By Eduard Kovacs ShellTorch attack chains critical TorchServe vulnerabilities and could completely compromise the AI infrastructure of major companies. The post Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies Read More »

Scroll to Top