Please turn on your JavaScript for this page to function normally.
Apple
Apple pushes out emergency fix for actively exploited zero-day (CVE-2023-37450)

Apple has patched an actively exploited zero-day vulnerability (CVE-2023-37450) by releasing Rapid Security Response updates for iPhones, iPads and Macs running the latest …

Revolut
Flaw in Revolut payment systems exploited to steal $20 million

Organized criminal groups exploited a flaw in Revolut’s payment systems and made off with $20+ million of the company’s money, the Financial Times reported on Sunday, …

Microsoft Teams
Malware delivery to Microsoft Teams users made easy

A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the …

backup
PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)

An authentication bypass vulnerability (CVE-2023-26258) in the Arcserve Unified Data Protection (UDP) enterprise data protection solution can be exploited to compromise admin …

Microsoft Teams
Microsoft Teams vulnerability allows attackers to deliver malware to employees

Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use …

Apple
Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435)

Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by …

VMware
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)

CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being …

Zyxel NAS542
Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)

Zyxel has released firmware patches for a critical vulnerability (CVE-2023-27992) in some of its consumer network attached storage (NAS) devices. About CVE-2023-27992 …

Progress MOVEit
A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web …

patch tuesday
June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly …

Progress MOVEit
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …

Progress MOVEit
It’s time to patch your MOVEit Transfer solution again!

Progress Software customers who use the MOVEit Transfer managed file transfer solution might not want to hear it, but they should quickly patch their on-prem installations …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools