security update
New Drupal RCE vulnerability under active exploitation, patch ASAP!
Yet another Drupal remote code execution vulnerability has been patched by the Drupal security team, who urge users to implement the offered updates immediately as the flaw is …
Apple device users, stay away from QR codes until you upgrade
It’s time to update your Mac and iOS-powered devices again: Apple has plugged four vulnerabilities, two of which could be exploited to execute arbitrary code if a user …
Cisco plugs critical hole in WebEx, users urged to upgrade ASAP
Cisco has fixed a critical vulnerability in its Webex videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a …
Moxa plugs serious vulnerabilities in industrial secure router
A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear …
Your Android phone says it’s fully patched, but is it really?
How do fully-maintained (i.e., patched) Android phones end up getting exploited? Searching for an answer to that question spurred security researchers to analyze thousands of …
AMD users running Windows 10 get their Spectre fix
AMD has released new microcode updates for mitigating variant 2 of the Spectre attack and Microsoft has released an OS update with the mitigation to AMD users running Windows …
What patches to prioritize following the April 2018 Patch Tuesday?
Patch Tuesday came and went and, as usual, Microsoft and Adobe have released patches/security updates for vulnerabilities affecting a wide variety of their products. …
April Patch Tuesday forecast: Expect updates for Adobe Flash, others
Springtime is here! Although up here in Minnesota you wouldn’t believe it as we received snowfalls that rivaled anything in the past 34 years! As spring arrives you think of …
Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise
A critical and extremely easily exploitable vulnerability in the Microsoft Malware Protection Engine (MMPE) has been patched through an out-of-band security update pushed out …
Intel will not provide Spectre/Meltdown microcode updates for some processor families
Intel has decided not to provide microcode updates to plug Spectre and Meltdown vulnerabilities in a number of older processors. According to the last update (April 2, 2018) …
Critical vulnerability opens Cisco switches to remote attack
A critical vulnerability affecting many of Cisco’s networking devices could be exploited by unauthenticated, remote attackers to take over vulnerable devices or trigger …
How to close the security update gap
Security patching is hard and patch fatigue is real. So what can be done to make the process more simple, less disruptive, and more likely to be performed in a timely manner? …
Featured news
Resources
Don't miss
- A new way to think about zero trust for workloads
- Heisenberg: Open-source software supply chain health check tool
- Securing real-time payments without slowing them down
- Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
- CISA and partners take action as Microsoft Exchange security risks mount