security update
![](https://img.helpnetsecurity.com/wp-content/uploads/2022/10/31120944/connectwise-05-400x200.jpg)
Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!
UPDATE (February 22, 2024, 05:40 a.m. ET): Now designated as CVE-2024-1709 and CVE-2024-1708, the vulnerabilities are under active exploitation. Go here for up-to-date …
![QNAP](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12101710/qnap-1-400x200.jpg)
QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358)
QNAP Systems has patched two unauthenticated OS command injection vulnerabilities (CVE-2023-47218, CVE-2023-50358) in various versions of the operating systems embedded in the …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/11200538/fortinet-wall-400x200.jpg)
Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)
Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in …
![patch tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12093110/patch-tuesday-hands1-400x200.jpg)
February 2024 Patch Tuesday forecast: Zero days are back and a new server too
UPDATE: February 13, 14:55 ET – February 2024 Patch Tuesday is live. January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs …
![JetBrains TeamCity](https://img.helpnetsecurity.com/wp-content/uploads/2023/09/26135733/jetbrains_teamcity-1400-400x200.jpg)
On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917)
JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers. About …
![Mastodon](https://img.helpnetsecurity.com/wp-content/uploads/2024/02/04131130/mastondon-1400-400x200.jpg)
Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)
Five days after Mastodon developers pushed out fixes for a remotely exploitable account takeover vulnerability (CVE-2024-23832), over 66% of Mastodon servers out there have …
![GitLab](https://img.helpnetsecurity.com/wp-content/uploads/2022/08/24123913/gitlab-24082022-01-400x200.jpg)
Self-managed GitLab installations should be patched again (CVE-2024-0402)
Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability …
![Jenkins](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/29102602/jenkins-1400-400x200.jpg)
Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)
Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins have been made public and there’s evidence of …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2023/12/01103731/apple-network-400x200.jpg)
Apple fixes actively exploited WebKit zero-day (CVE-2024-23222)
Apple has fixed an actively exploited zero-day vulnerability (CVE-2024-23222) that affects Macs, iPhones, iPads and AppleTVs. About CVE-2024-23222 CVE-2024-23222 is a type …
![vmware](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/18110318/vmware-1400-monitor-400x200.jpg)
VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063)
A critical vulnerability (CVE-2023-34063) affecting VMware Aria Automation and VMware Cloud Foundation can be exploited by attackers to gain access to remote organizations and …
![Google Chrome](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12104204/chrome-connection2-400x200.jpg)
Google fixes actively exploited Chrome zero-day (CVE-2024-0519)
In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an …
![Atlassian Confluence](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/16183650/confluence-red-1400-400x200.jpg)
Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527)
Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD