Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Progress MOVEit
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)

Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software …

Patch Tuesday
Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)

June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw (CVE-2024-30080) and a RCE vulnerability in Microsoft Outlook (CVE-2024-30103). 49 …

Patch Tuesday
June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft

June 2024 Patch Tuesday is now live: Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) May 2024 Patch Tuesday was unusual because we had …

Google Chrome
Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274)

For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability (CVE-2024-5274) with an in-the-wild exploit. …

QNAP
15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)

Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack …

git
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a …

Google Chrome
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)

For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability (CVE-2024-4947) for which an exploit exists in the wild. About CVE-2024-4947 …

Patch Tuesday
May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)

For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-30051, CVE-2024-30040) actively exploited by …

Apple
Apple backports iOS zero-day patch, adds Bluetooth tracker alert

Apple has backported the patch for CVE-2024-23296 to the iOS 16 branch and has fixed a bug (CVE-2024-27852) in MarketplaceKit that may allow maliciously crafted webpages to …

patch tuesday
May 2024 Patch Tuesday forecast: A reminder of recent threats and impact

The updates have been released: May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) The thunderstorms of April patches have passed, …

Veeam
Veeam fixes RCE flaw in backup management platform (CVE-2024-29212)

Veeam has patched a critical vulnerability (CVE-2024-29212) in Veeam Service Provider Console (VSPC) and is urging customers to implement the patch. About CVE-2024-29212 Veeam …

Cisco
Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools