Microsoft has released the April 2021 Security updates that includes patches for 114 vulnerabilities, 19 of those rated Critical. The updates also include fixes for multiple Microsoft Exchange flaws that have a higher likelihood of being exploited.
Google has released Chrome 89 security update 89.0.4389.128) for Windows, Mac and Linux with fixes for 2 vulnerabilities exploited in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.
APKPure Android app store and mobile app has been infected with malicious software that downloads trojans to Android devices.
Cisco has patched multiple vulnerabilities in Cisco SD-WAN, Small Business routers, Unified Communications Products and Advanced Malware Protection. Two of those vulnerabilities (CVE-2021-1479, CVE-2021-1459) are rated Critical.
PHP maintainer Nikita Popov has published new details regarding the likely cause of a recent PHP source code compromise and insert of malicious code.
Security researchers have warned legacy QNAP NAS devices are vulnerable to zero-day cyberattacks. Although QNAP patched two vulnerabilities in recent firmware updates, the company acknowledged patches were not yet available for certain legacy devices.
Security experts from Onapsis and SAP have released a new threat intel report for SAP customers that warns of cyber threat actors targeting unprotected SAP applications.
A hacker has leaked personal data on an estimated 533 million Facebook users, to include phone numbers and Facebook account details. The data was leaked on a publicly accessible hacking forum.
Cybersecurity experts from the FBI and CISA have issued a joint cybersecurity advisory warning of APT exploits of Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2019-5591 and CVE-2020-12812.