![snake](https://img.helpnetsecurity.com/wp-content/uploads/2016/12/09105517/snake-400x200.jpg)
Attackers are weaponizing more vulnerabilities than ever before
2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the RiskSense latest report. In addition, the rate of …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2017/02/09105152/cisco-400x200.jpg)
Cisco botched patches for its RV320/RV325 routers
Cisco RV320 and RV325 WAN VPN routers are still vulnerable to attack through two flaws that Cisco had supposedly patched. #Cisco Small Business Routers still vulnerable to …
![patch](https://img.helpnetsecurity.com/wp-content/uploads/2017/01/09105339/patch2-400x200.jpg)
January 2019 Patch Tuesday forecast: Partly cloudy followed by heavy fog around Java
2018 ended with a bit of excitement. Shortly after November Patch Tuesday we saw a pair of Flash Player zero-days (November 20 and December 5), which were followed by just …
![Apache Struts](https://img.helpnetsecurity.com/wp-content/uploads/2017/03/09104837/apache-struts-400x200.jpg)
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …
![Windows](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100324/windows2-400x200.jpg)
0patch releases micropatch for Windows Task Scheduler zero-day
Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability …
![gap](https://img.helpnetsecurity.com/wp-content/uploads/2017/01/09105311/gap-400x200.png)
Microsoft ADFS flaw allows attackers to bypass MFA safeguards
A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other …
![Oracle](https://img.helpnetsecurity.com/wp-content/uploads/2017/04/09104527/oracle-400x200.jpg)
Critical vulnerability in Oracle Database, patch without delay!
Oracle is urging users to patch their Oracle Database installations to plug a critical security issue that can result in complete compromise of the Oracle Database and shell …
![vmware](https://img.helpnetsecurity.com/wp-content/uploads/2018/06/09100820/vmware-400x200.jpg)
VMware plugs RCE hole in remote management agent
VMware has fixed a critical remote code execution vulnerability in VMware AirWatch Agent for Android and Windows Mobile, and is urging users to upgrade to the newest versions …
![patch](https://img.helpnetsecurity.com/wp-content/uploads/2018/04/09101346/patch-1-400x200.jpg)
What patches to prioritize following the April 2018 Patch Tuesday?
Patch Tuesday came and went and, as usual, Microsoft and Adobe have released patches/security updates for vulnerabilities affecting a wide variety of their products. …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2017/03/09104830/microsoft-400x200.jpg)
Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise
A critical and extremely easily exploitable vulnerability in the Microsoft Malware Protection Engine (MMPE) has been patched through an out-of-band security update pushed out …
![patch](https://img.helpnetsecurity.com/wp-content/uploads/2017/01/09105342/patch-400x200.jpg)
Researchers find critical flaws in SecurEnvoy SecurMail, patch now!
If you’re a user of SecurEnvoy SecurMail and you haven’t yet implemented the latest patch, do so now – or risk getting your encrypted emails read by …
![Cisco](https://img.helpnetsecurity.com/wp-content/uploads/2018/01/09102007/cisco-400x200.jpg)
Cisco fixes critical flaw in its Secure Access Control System
Cisco has pushed out fixes for security vulnerabilities in a wide variety of its products, including two critical flaws in its Secure Access Control System (ACS) and its Prime …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD