security update
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2020/02/11151617/apple-orange-400x200.jpg)
Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856)
Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching – among other things – a type confusion flaw in the WebKit component …
![git](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/19125253/git-19012023-04-400x200.jpg)
Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)
A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development. The latest …
![NetComm NF20MESH](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/18145018/netcomm-nf20mesh-400x200.jpg)
Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)
Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2020/08/11203235/patch-tuesday-mountain-400x200.jpg)
Microsoft plugs actively exploited zero-day hole (CVE-2023-21674)
To mark the January 2023 Patch Tuesday, Microsoft has released patches for 98 CVE-numbered vulnerabilities, including one exploited in the wild (CVE-2023-21674) and one …
![patch](https://img.helpnetsecurity.com/wp-content/uploads/2022/11/08204553/patch-400x200.jpg)
January 2023 Patch Tuesday forecast: Procrastinate at your own risk
The start of a new year means it’s time to start working towards achieving your annual resolutions. Based on the headlines from the December news media, perhaps the most …
![patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2022/11/08204602/patch-tuesday-2022-400x200.jpg)
Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)
It’s December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw (CVE-2022-44698) exploited by …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2016/01/09195232/fortinet-400x200.jpg)
Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)
A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet …
![Google Chrome](https://img.helpnetsecurity.com/wp-content/uploads/2016/08/09110819/google-chrome-400x200.jpg)
Google Chrome zero-day exploited in the wild (CVE-2022-4262)
Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome (and Chromium), which is being exploited by attackers in the …
![Backstage](https://img.helpnetsecurity.com/wp-content/uploads/2022/11/14094831/backstage-code-400x200.jpg)
Critical vulnerability in Spotify’s Backstage discovered, patched
A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in …
![patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2022/11/08204602/patch-tuesday-2022-400x200.jpg)
Microsoft fixes many zero-days under attack
November 2022 Patch Tuesday is here, with fixes for many vulnerabilities actively exploited in the wild, including CVE-2022-41091, a Windows Mark of the Web bypass flaw, and …
![OpenSSL](https://img.helpnetsecurity.com/wp-content/uploads/2022/11/01094047/openssl-cryptography-tls-400x200.jpg)
High-severity OpenSSL vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786)
Version 3.0.7 of the popular OpenSSL cryptographic library is out, with fixes for CVE-2022-3602 and CVE-2022-3786, two high-severity buffer overflow vulnerabilities in the …
![](https://img.helpnetsecurity.com/wp-content/uploads/2022/10/31120944/connectwise-05-400x200.jpg)
ConnectWise backup solutions open to RCE, patch ASAP!
ConnectWise has fixed a critical vulnerability in ConnectWise Recover and R1Soft Server Backup Manager that could allow attackers to achieve remote code exection (RCE) or …
Featured news
Sponsored
Don't miss
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)