Cisco patches leaked 0-day in 300+ of its switches
Cisco has plugged a critical security hole in over 300 of its switches, and is urging users to apply the patches as soon as possible because an exploit for it has been …
Oracle fixes Solaris 10 flaw targeted by leaked NSA exploit
Oracle has pushed out a record-breaking 299 fixes for vulnerabilities in its many, many products, and among them is a Solaris 10 bug whose existence has been revealed through …
Vulnerability in WhatsApp and Telegram allowed complete account takeover
Check Point researchers today revealed a new vulnerability on WhatsApp and Telegram’s online platforms – WhatsApp Web & Telegram Web. By exploiting this vulnerability, …
Microsoft pushes out patches for critical Flash Player vulnerabilities
Microsoft has skipped its February 2017 Patch Tuesday and postponed the release of those patches for March, but there are apparently security vulnerabilities that must be …
Critical Linux bug opens systems to compromise
Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on …
Cisco plugs critical hole in Prime Home management platform
Cisco has released nine security alerts on Wednesday, and among these are two for critical vulnerabilities in its ASR 900 Series routers and the Cisco Prime Home management …
Microsoft ends Tuesday patches
Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches …
Cisco starts publishing fixes for EXTRABACON exploit
Starting last Wednesday, Cisco has begun publishing fixes for the SNMP RCE flaw in the software of its Adaptive Security Appliances (ASA), which can be triggered through the …
Bug in Chrome’s PDF reader allows arbitrary code execution
Vulnerabilities in software often arise from faulty implementations of elements developed by other code writers. Take for example CVE-2016-1681, the heap-based buffer overflow …
Researchers release PoC exploit for broken IBM Java patch
Polish firm Security Explorations has had enough of broken patches for security vulnerabilities it has reported to vendors. On Monday, the company’s CEO Adam Gowdiak has …
Critical gaps in IT departments’ approach to enterprise security
A new study by conducted by Ultimate Windows Security, released at RSA Conference, provides visibility into the uses, concerns and challenges that IT departments face in …
Year-old critical Magento flaw still exploited, payment info stolen
A whole year has passed since a critical e-shop hijacking flaw in the Magento CMS has been patched, but the vulnerability is still being exploited in attacks in the wild, …
Featured news
Resources
Don't miss
- Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
- CISA and partners take action as Microsoft Exchange security risks mount
- Shadow AI: New ideas emerge to tackle an old problem in new form
- AI chatbots are sliding toward a privacy crisis
- You can’t audit how AI thinks, but you can audit what it does