security update
Oracle fixes Java zero-day exploited by Pawn Storm hackers
With its quarterly Critical Patch Update, Oracle has released security fixes for 193 vulnerabilities across all of its products (a good summary can be found here), including …
Adobe patches Hacking Team Flash zero-days, update immediately!
Adobe has released new versions of Flash Player, Shockwave Player and Acrobat and Reader, all of which fix critical vulnerabilities that could potentially allow an attacker to …
65,000+ Land Rovers recalled due to software bug
Jaguar Land Rover has announced that owners of Range Rover and Range Rover Sport vehicles manufactured since 2013 will have to visit car dealers and get their car’s …
VMware fixes host privilege escalation bug in Workstation, Player, Horizon View
VMware has issued software updates for VMware Workstation, Player, and Horizon View Client for Windows, which fix relatively serious a host privilege escalation vulnerability …
Severe OpenSSL bug that allows certificate forgery has been plugged
The wait is over: the OpenSSL Project has issued security updates for the popular open-source implementation of the SSL and TLS protocols, and has shared some details about …
Security updates for OS X, iOS fix bucketload of serious bugs
Apple has released security updates for Safari, OS X Yosemite (and previous OS X versions), and iOS.The OS X update contains fixes for 77 vulnerabilities, many of which can be …
Major Xen update fixes over 20 vulns, including guest/host escape flaw
The newest version (v4.5.1) of popular hypervisor Xen has been released last week, and includes a bucketload of improvements and bug-fixes, including nearly 20 security …
Cisco finds, removes more default SSH keys on its software
Cisco has pushed out security updates to address two vulnerabilities in its Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Content …
Samsung disables Windows Update, undermines the security of your devices
Another example of how vendors sometimes choose to improve usability to the detriment of user security has been recently discovered by security researcher and Microsoft MVP …
Flash Player 0-day exploited in the wild, patch immediately!
Adobe has released an emergency patch for its notoriously buggy Flash Player software because attackers are actively exploiting a critical vulnerability that can lead to total …
HP releases exploit code for IE zero-day that Microsoft won’t patch
Despite having paid $125,000 for information about an Address Space Layout Randomisation (ASLR) vulnerability affecting Internet Explorer, Microsoft has decided against …
Critical RubyGems vulns can lead to installation of malicious apps
A serious vulnerability in RubyGems, a package manager for the Ruby programming language, can be exploited to trick end users into installing malware from attacker-controlled …
Featured news
Resources
Don't miss
- Attackers hit MSP, use its RMM software to deliver ransomware to clients
- Why data provenance must anchor every CISO’s AI governance strategy
- Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
- Hottest cybersecurity open-source tools of the month: May 2025
- Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group