security update
Chrome zero-day exploited in the wild, patch now! (CVE-2023-4863)
Google has rolled out a security update for a critical Chrome zero-day vulnerability (CVE-2023-4863) exploited in the wild. About the vulnerability (CVE-2023-4863) …
VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)
VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network …
PoC for no-auth RCE on Juniper firewalls released
Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow …
Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)
Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …
Ivanti Sentry zero-day vulnerability exploited, patch ASAP! (CVE-2023-38035)
Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to …
Juniper Networks fixes flaws leading to RCE in firewalls and switches
Juniper Networks has fixed four vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) in Junos OS that, if chained together, could allow attackers …
WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)
RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR …
Citrix ShareFile vulnerability actively exploited (CVE-2023-24489)
CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company has fixed in June 2023, is being exploited by attackers. GreyNoise has flagged on Tuesday a sudden …
Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)
Two stack-based buffer overflow bugs (collectively designated as CVE-2023-32560) have been discovered in Ivanti Avalanche, an enterprise mobility management solution. A buffer …
Major vulnerabilities discovered in data center solutions
Researchers have discovered serious security vulnerabilities in two widely used data center solutions: CyberPower’s PowerPanel Enterprise Data Center Infrastructure …
Google unveils stronger cellular security for Android 14
Google has revealed new cellular security mitigations that will be available for users and enterprises on its soon-to-be-released Android 14, and announced a new release …
Downfall attacks can gather passwords, encryption keys from Intel processors
A variety of Intel Core processors and the devices using them are vulnerable to “Downfall”, a new class of attacks made possible by CVE-2022-40982, which enables …
Featured news
Resources
Don't miss
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
- Android financial threats: What businesses need to know to protect themselves and their customers
- Post-quantum cryptography and the future of online safety
- How to manage and protect your biometric data
- UK NCSC offers security guidance for domain and DNS registrars