security update
January Android security update fixes 5 critical flaws, removes unneeded component
Google has released the January security update for Android (for its Nexus devices). The update fixes 12 issues, five of which are critical. The most important hole …
Oracle agrees to settle FTC charges it deceived consumers about Java updates
Oracle has agreed to settle Federal Trade Commission charges that it deceived consumers about the security provided by updates to its Java Platform, Standard Edition software …
Critical RCE bug in FireEye’s security appliances exploitable via email
Last week, FireEye has silently pushed out a patch for an extremely easy-to-exploit remote code execution bug affecting its NX, EX, FX and AX Series security appliances in …
Critical Joomla RCE bug actively exploited, patch immediately!
An eight-year-old Joomla critical remote code execution vulnerability, which is being actively exploited in attacks in the wild, has been patched by the developers of the …
Microsoft kills many critical flaws, some 0-days, un-trusts one wildcard cert
For this December Patch Tuesday, Microsoft has released twelve security bulletins, eight of which have been rated critical.Those refer to the cumulative security updates for …
Apple releases security updates for every major product
Apple has released security updates for the operating systems running on the company’s iPhones, computers, Apple TV and various versions of smartwatches, as well as …
Four critical Android bugs patched, one could lead to permanent device compromise
Google’s December security update for Android has been pushed out to Nexus devices on Monday, and it contains fixes for 19 vulnerabilities, four of which are deemed …
Microsoft warns of imminent end of support for all but the latest Internet Explorer versions
Windows users who still prefer Internet Explorer to all other browsers have been urged by Microsoft to update to the latest (and last) version of the browser (v11), as the …
High-impact DoS flaw patched in Node.js, update as soon as possible
The Node.js Foundation has pushed out a patch for its eponymous open source, cross-platform runtime environment for developing server-side web applications. The fix plugs two …
Cyber crooks actively hijacking servers with unpatched vBulletin installations
Administrators of vBulletin installations would do well to install the latest vBulletin Connect updates as soon as possible, as cyber crooks are actively searching for servers …
Security update kills several critical bugs in Android Marshmallow
Google’s November Android security update carries fixes for seven vulnerabilities, including two remote code execution flaws that are rated “critical” …
Xen Project plugs critical host hijacking flaw, patch ASAP
The latest security update (XSA-145 through 153) for the popular Xen virtualization software fixes nine issues. Eight of them can lead to Denial of Service, but the ninth is …
Featured news
Resources
Don't miss
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites
- Black Friday 2025 for InfoSec: How to spot real value and avoid the noise