security update
Critical flaw allows attackers to take over Cisco Elastic Services Controllers
Cisco has patched a critical, remotely exploitable authentication bypass vulnerability in Cisco Elastic Services Controller (ESC), a popular enterprise software for managing …
Flaw in pre-installed software opens Dell computers to remote hijack
Dell computer owners should update the Dell SupportAssist software as soon as possible to close a high-risk remote code execution vulnerability. What is Dell SupportAssist? …
Magento sites under attack through easily exploitable SQLi flaw
A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t …
CIOs and CISOs hold off on crucial updates due to potential impact on business operations
CIOs and CISOs around the world have held back from implementing critical measures that keep them resilient against disruption and cyber threats. Over eight out of ten (81%) …
Patched Apache flaw is a serious threat for web hosting providers
Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via …
Security remains a top concern for IoT executives, but small fixes can shore up ecosystem resilience
66 percent of companies say their c-suite executives are supportive of their IoT implementation, but even with strong support they noted there are hurdles to overcome. A …
Apple fixed some interesting bugs in iOS and macOS
In addition to announcing a number of new products and subscription services, Apple has released security updates for iOS, macOS, Safari, tvOS, iTunes, iCloud, and Xcode. The …
March 2019 Patch Tuesday: Microsoft patches two actively exploited Windows flaws
As part of the March 2019 Patch Tuesday, Microsoft has released fixes for 64 CVE-numbered vulnerabilities, 17 of which are rated Critical and 45 Important. Interestingly …
Zero-day Chrome/Windows combo actively exploited in the wild
We now know why a number of Googlers made a point to urge users to implement the latest Chrome update as soon as possible: the vulnerability (CVE-2019-5786) is definitely …
Users of Cisco switches, security appliances need to get patching
Administrators of Cisco switches, firewalls, and security appliances are advised to take a look at the latest collection of security advisories published by the company, as …
Google plugs Chrome zero-day exploited in the wild
If you’re using Google’s Chrome browser and have not yet upgraded to the latest available version, do so now or risk being hit by attackers. About CVE-2019-5786 …
Cisco fixes risky flaws in HyperFlex and Prime infrastructure
Cisco has released another batch of fixes for many of its products, including HyperFlex, Prime infrastructure, WebEx, and Firepower devices. Fixed HyperFlex bugs Five of the …
Featured news
Resources
Don't miss
- Why data provenance must anchor every CISO’s AI governance strategy
- Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
- Hottest cybersecurity open-source tools of the month: May 2025
- Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group
- Vulnerabilities found in NASA’s open source software