security update

Oracle fixes 252 vulnerabilities in October 2017 Critical Patch Update
Oracle has released its Critical Patch Update (CPU) for October 2017, addressing 252 vulnerabilities across the wide multitude of its products. Compared to the July 2017 CPU, …

Adobe releases emergency fix for Flash Player zero-day exploited in the wild
Adobe has released an out-of-band security update for Adobe Flash Player that patches a zero-day remote code execution vulnerability actively exploited in the wild. Kaspersky …

October Patch Tuesday: 61 bugs and one zero-day fixed
For its October Patch Tuesday, Microsoft has patched 61 vulnerabilities (27 of them critical) and one Office zero-day labeled as “important.” The zero-day The …

Patching discrepancy between supported Windows versions puts users at risk
Security improvements should be a welcome addition to all software, but if they are not also simultaneously backported into its older and still supported versions, they can …

PoC for several Magento vulnerabilities released, update now!
DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento …

Widely used DNS forwarder and DHCP server Dnsmasq riddled with flaws
Google researchers have discovered seven serious vulnerabilities in Dnsmasq, a lightweight, widely used DNS forwarder and DHCP server for small computer networks. Dnsmasq is …

Is your Mac software secure but firmware vulnerable?
Mac users who have updated to the latest OS version or have downloaded and implemented the most recent security update may not be as secure as they originally thought, Duo …

Maintaining Windows 10 security tops list of enterprise challenges
Companies are experiencing significant challenges in their attempts to keep their endpoints secure. Maintaining Windows 10 security topped the list of challenges with over …

Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …

Patch your Android device to foil Toast Overlay attacks
Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them. An “overlay attack” …

Easily exploitable Apache Struts vulnerability opens businesses to attack
A critical vulnerability in Apache Struts, a popular open source framework for developing web applications, opens any server running an app built using it to remote attackers. …

Patients with St. Jude pacemakers called in for firmware update
Patients using one of several types of implantable radio frequency-enabled pacemakers manufactured by St. Jude Medical will have to visit their healthcare provider to receive …
Featured news
Resources
Don't miss
- How agentic AI and non-human identities are transforming cybersecurity
- Even the best safeguards can’t stop LLMs from being fooled
- Wave of tech layoffs leads to more job scams
- PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
- Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)