Zeljka Zorz
![patch tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12093110/patch-tuesday-hands1-400x200.jpg)
Microsoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)
On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487). …
![Linux](https://img.helpnetsecurity.com/wp-content/uploads/2017/06/09103829/Linux2-400x200.jpg)
GNOME users at risk of RCE attack (CVE-2023-43641)
If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption …
![Curl](https://img.helpnetsecurity.com/wp-content/uploads/2023/10/10083125/curl-logo-400x200.jpg)
Be prepared to patch high-severity vulnerability in curl and libcurl
UPDATE (October 11, 2023, 07:15 a.m. ET): Curl v8.4.0 is out and fixes both CVE-2023-38545, a SOCKS5 heap buffer overflow vulnerability and CVE-2023-38546, a cookie injection …
![money](https://img.helpnetsecurity.com/wp-content/uploads/2017/07/09103700/money-1-400x200.jpg)
Exploit writers invited to probe Chrome’s V8 engine, Google Cloud’s KVM
Google is asking bug hunters and exploit writers to develop 0-day and n-day exploits in Chrome’s V8 JavaScript engine and Google Cloud’s Kernel-based Virtual …
![Linux](https://img.helpnetsecurity.com/wp-content/uploads/2022/06/10122853/linux-red-danger-400x200.jpg)
“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)
A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, …
![AWS keys](https://img.helpnetsecurity.com/wp-content/uploads/2022/06/25115350/aws-keys-hns-400x200.jpg)
Amazon: AWS root accounts must have MFA enabled
Amazon wants to make it more difficult for attackers to compromise Amazon Web Services (AWS) root accounts, by requiring those account holders to enable multi-factor …
![hardware](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/21110220/hardware_red-400x200.jpg)
Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm …
![Exim](https://img.helpnetsecurity.com/wp-content/uploads/2021/05/04131615/exim-red-helpnetsecurity-400x200.jpg)
Critical zero-days in Exim revealed, only 3 have been fixed
Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to …
![danger](https://img.helpnetsecurity.com/wp-content/uploads/2019/07/09093741/danger1-400x200.jpg)
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)
UPDATE (September 28, 2023, 03:15 a.m. ET): The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of …
![JetBrains TeamCity](https://img.helpnetsecurity.com/wp-content/uploads/2023/09/26135733/jetbrains_teamcity-1400-400x200.jpg)
Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)
Software development firm JetBrains has fixed a critical vulnerability (CVE-2023-42793) in its TeamCity continuous integration and continuous delivery (CI/CD) solution, which …
![Sony](https://img.helpnetsecurity.com/wp-content/uploads/2023/09/26120154/sony1-400x200.jpg)
Has Sony been hacked again?
Ransomed.vc, a relatively new ransomware / cyber extortion group, claims to have hacked Sony and made off with valuable data. Sony allegedly hacked and its data held for …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12104917/apple-bkg3-400x200.jpg)
Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints