security update
GitLab plugs critical flaw in its code repository manager software
GitLab (the company) has pushed out security updates for both the Community Edition (CE) and Enterprise Edition (EE) of the GitLab software, fixing a critical security flaw in …
Cisco plugs critical hole in Prime Home management platform
Cisco has released nine security alerts on Wednesday, and among these are two for critical vulnerabilities in its ASR 900 Series routers and the Cisco Prime Home management …
Most unpatched Joomla sites compromised in latest wave of attacks
If you run a Joomla-based website and you haven’t implemented the latest security release of the CMS, your site has been almost surely compromised. According to Sucuri …
Malicious JPEGs can compromise your iPhone
A vulnerability in the iOS CoreGraphics component allows attackers to compromise iDevices by tricking victims into viewing a maliciously crafted JPEG file. The good news is …
Dirty COW Linux kernel zero-day exploited in the wild is now patched
Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm. The …
Cisco plugs critical bug in ASA security devices
Cisco has patched a critical vulnerability in the Identity Firewall feature of Cisco ASA Software, which would allow a remote attacker to execute arbitrary code and obtain …
VeraCrypt security audit reveals many flaws, some already patched
VeraCrypt, the free, open source disk encryption software based on TrueCrypt, has been audited by experts from cybersecurity company Quarkslab. The researchers found 8 …
October Patch Tuesday: Changes, urgent updates and what’s coming next
The leaves aren’t the only things changing this October. Patch Tuesday is here and with it comes some interesting updates from big names in the software space. This month, …
Four vulnerabilities found in Dell SonicWALL Email Security virtual appliance application
Digital Defense (DDI) disclosed the discovery of four security vulnerabilities found in the Dell SonicWALL Email Security virtual appliance application. The appliance is …
Cisco plugs two Cloud Services Platform system compromise flaws
Cisco has patched two serious vulnerabilities in Cisco Cloud Services Platform 2100, both of which could allow a remote attacker to execute arbitrary code on a targeted …
Microsoft ends Tuesday patches
Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches …
WordPress 4.6.1 upgrades security, fixes 15 bugs
WordPress 4.6.1 is now available. This is a security release for all previous versions and all users are strongly encouraged to update their sites immediately. The two …
Featured news
Resources
Don't miss
- Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
- CISA and partners take action as Microsoft Exchange security risks mount
- Shadow AI: New ideas emerge to tackle an old problem in new form
- AI chatbots are sliding toward a privacy crisis
- You can’t audit how AI thinks, but you can audit what it does