Vulnerabilities

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day 04/10/2023 at 22:16 By Ryan Naraine Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down. The post Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day Read More »

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day 04/10/2023 at 20:16 By Ryan Naraine Atlassian confirms that “a handful of customers” were hit by exploits targeting a remotely exploitable flaw in its Confluence Data Center and Server products. The post Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day appeared first on SecurityWeek. This article is

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day Read More »

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks 04/10/2023 at 18:16 By Ionut Arghire Supermicro has released BMC IPMI firmware updates to address multiple vulnerabilities impacting select motherboard models. The post New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks appeared first on SecurityWeek. This article is an excerpt from

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks Read More »

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions 04/10/2023 at 16:16 By Ionut Arghire A local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges. The post Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions appeared first on SecurityWeek. This article is an excerpt

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions Read More »

Qualcomm Patches 3 Zero-Days Reported by Google

Qualcomm Patches 3 Zero-Days Reported by Google 04/10/2023 at 13:31 By Eduard Kovacs Qualcomm has patched more than two dozen vulnerabilities, including three zero-days that may have been exploited by spyware vendors. The post Qualcomm Patches 3 Zero-Days Reported by Google appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Qualcomm Patches 3 Zero-Days Reported by Google Read More »

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies 03/10/2023 at 19:18 By Eduard Kovacs ShellTorch attack chains critical TorchServe vulnerabilities and could completely compromise the AI infrastructure of major companies. The post Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies Read More »

Companies Address Impact of Exploited Libwebp Vulnerability 

Companies Address Impact of Exploited Libwebp Vulnerability  03/10/2023 at 12:46 By Eduard Kovacs Companies have addressed the impact of the exploited Libwebp vulnerability CVE-2023-4863 on their products.  The post Companies Address Impact of Exploited Libwebp Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Companies Address Impact of Exploited Libwebp Vulnerability  Read More »

Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw

Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw 02/10/2023 at 20:17 By Ryan Naraine Rapid7 says attackers are targeting a critical pre-authentication flaw in Progress Software’s WS_FTP server just days after disclosure. The post Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw appeared first on SecurityWeek. This article is an excerpt

Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw Read More »

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks 

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks  02/10/2023 at 14:48 By Eduard Kovacs Patches are being developed for serious Exim vulnerabilities that could expose many mail servers to attacks.  The post Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks  Read More »

Recently Patched TeamCity Vulnerability Exploited to Hack Servers

Recently Patched TeamCity Vulnerability Exploited to Hack Servers 02/10/2023 at 13:01 By Eduard Kovacs In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers. The post Recently Patched TeamCity Vulnerability Exploited to Hack Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Recently Patched TeamCity Vulnerability Exploited to Hack Servers Read More »

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks 29/09/2023 at 16:46 By Eduard Kovacs CISA has added CVE-2018-14667, an old critical JBoss RichFaces flaw to its known exploited vulnerabilities catalog. The post CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks Read More »

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks 29/09/2023 at 16:46 By Ionut Arghire Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations.  The post Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks appeared first on

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks Read More »

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers 29/09/2023 at 14:31 By Ionut Arghire Gaps in Cloudflare’s security controls allow users to bypass protections and target others from the platform itself. The post Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers appeared first on SecurityWeek. This article is an excerpt from

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers Read More »

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product 

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product  28/09/2023 at 22:48 By Ryan Naraine Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the underlying operating system. The post Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product 

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product  Read More »

Cisco Warns of IOS Software Zero-Day Exploitation Attempts

Cisco Warns of IOS Software Zero-Day Exploitation Attempts 28/09/2023 at 15:32 By Ionut Arghire Cisco has released patches for vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks. The post Cisco Warns of IOS Software Zero-Day Exploitation Attempts appeared first on SecurityWeek. This article is an

Cisco Warns of IOS Software Zero-Day Exploitation Attempts Read More »

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor 28/09/2023 at 13:16 By Eduard Kovacs Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor.  The post Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor appeared first on SecurityWeek. This article is an

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor Read More »

Firefox 118 Patches High-Severity Vulnerabilities

Firefox 118 Patches High-Severity Vulnerabilities 27/09/2023 at 17:17 By Ionut Arghire Firefox 118 patches six high-severity vulnerabilities, including a memory leak potentially leading to sandbox escape. The post Firefox 118 Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Firefox 118 Patches High-Severity Vulnerabilities Read More »

macOS 14 Sonoma Patches 60 Vulnerabilities

macOS 14 Sonoma Patches 60 Vulnerabilities 27/09/2023 at 15:30 By Eduard Kovacs macOS 14 Sonoma has been officially released by Apple and the latest version of the operating system patches over 60 vulnerabilities. The post macOS 14 Sonoma Patches 60 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

macOS 14 Sonoma Patches 60 Vulnerabilities Read More »

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover 25/09/2023 at 13:32 By Ionut Arghire A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers. The post In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover appeared first on SecurityWeek. This article is

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover Read More »

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

Faster Patching Pace Validates CISA’s KEV Catalog Initiative 22/09/2023 at 15:17 By Ionut Arghire CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace. The post Faster Patching Pace Validates CISA’s KEV Catalog Initiative appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

Faster Patching Pace Validates CISA’s KEV Catalog Initiative Read More »

Scroll to Top