security update
Bug in Symantec’s anti-virus engine can lead to system compromise
Google Project Zero researcher Tavis Ormandy has unearthed a critical remote code execution vulnerability in the anti-virus engine powering Symantec’s endpoint security …
Adobe patches Flash 0day exploited in attacks
The Adobe Flash Player update announced earlier this week is here, and it fixes more than just the zero-day flaw exploited in attacks in the wild. All in all, the latest …
0day alert: Be ready to update Adobe Flash Player tomorrow
On Tuesday, Adobe has pushed out security updates for Cold Fusion and Adobe Acrobat and Reader, but has also announced an update for Flash Player that should be released on …
How secure are the devices connecting to enterprise assets?
Most enterprises have accepted that its employees will use their own various, often mobile devices to access company assets, and have realized that the defined, more easily …
Shopware update fixes RCE bug that affects both shop and target system
Shopware, an open-source e-commerce software chosen by a number of big European companies to power their online shops, has recently pushed out a critical security update. The …
Critical flaws in HP Data Protector open servers to remote attacks
Hewlett Packard has released critical security updates for its HP Data Protector software, which fix vulnerabilities that could allow remote code execution or unauthorized …
Oracle patches 136 flaws in 49 products
Oracle released the April 2016 Critical Patch Update, which provides fixes for 136 vulnerabilities in 49 products, including Java SE and MySQL, the company’s Database …
VMware plugs critical information-leaking hole
VMware has plugged a critical security issue in the VMware Client Integration Plugin, which could allow for a Man in the Middle attack or web session hijacking in case the …
Cisco UCS servers can be hijacked with malicious HTTP request
A data center server platform running Cisco’s Unified Computing System (UCS) Central Software can be compromised by unauthenticated, remote attackers with a single, …
Microsoft patches Badlock, but doesn’t call it critical
Microsoft just released several security bulletins, with six marked as critical and seven categorized as important. The biggest surprise (or disguise) came in the patch marked …
Bug in OS X Messages client exposes messages, attachments
When in March Apple pushed out security updates for its many products, much attention has been given to a zero-day bug discovered by a team of Johns Hopkins University …
Update your ManageEngine Password Manager Pro ASAP!
Security researcher Sebastian Perez has revealed eight serious security vulnerabilities in ManageEngine Password Manager Pro (PMP), a password management software for …
Featured news
Resources
Don't miss
- Attackers hit MSP, use its RMM software to deliver ransomware to clients
- Why data provenance must anchor every CISO’s AI governance strategy
- Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
- Hottest cybersecurity open-source tools of the month: May 2025
- Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group