security update
LG smart TVs may be taken over by remote attackers
Bitdefender researchers have uncovered four vulnerabilities in webOS, the operating system running on LG smart TVs, which may offer attackers unrestricted (root) access to the …
Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724)
Ivanti has fixed a critical RCE vulnerability (CVE-2023-41724) in Ivanti Standalone Sentry that has been reported by researchers with the NATO Cyber Security Centre. Though …
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)
Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published. About CVE-2024-25153 Fortra …
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V
On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known …
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be …
March 2024 Patch Tuesday forecast: A popular framework updated
UPDATE: March 12, 3:55 PM ET – March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V We’re almost at our third Patch Tuesday and wrapping up the …
VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation
VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could …
Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)
Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild. CVE-2024-23225 and CVE-2024-23296 On Tuesday, Apple …
Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199)
JetBrains has fixed two critical security vulnerabilities (CVE-2024-27198, CVE-2024-27199) affecting TeamCity On-Premises and is urging customers to patch them immediately. …
Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!
UPDATE (February 22, 2024, 05:40 a.m. ET): Now designated as CVE-2024-1709 and CVE-2024-1708, the vulnerabilities are under active exploitation. Go here for up-to-date …
QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358)
QNAP Systems has patched two unauthenticated OS command injection vulnerabilities (CVE-2023-47218, CVE-2023-50358) in various versions of the operating systems embedded in the …
Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)
Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility