Cisco has updated the list of Cisco products under investigation, vulnerable and confirmed not vulnerable to the latest Apache Struts 2 vulnerability (CVE-2018-11776).
Air Canada notified customers of a data breach involving the airline's mobile application and potentially impacting thousands of user profiles.
Cisco released a high severity security update to fix a directory path traversal vulnerability (CVE-2018-0464) in its Data Center Network Manager (DCNM) product.
A local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface of Windows task scheduler was discovered.
Security researchers have discovered proof-of-concept code of an Apache Struts vulnerability exploit, to include a Python script that makes it easier to exploit.
The Apache Software Foundation has issued a security update for a critical remote code execution (RCE) vulnerability (CVE-2018-11776) in Apache Struts 2.
Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities, according to an NCCIC security alert.
A high risk use-after-free (UAF) vulnerability in VBScript Engine is being exploited in the wild.
Microsoft has released new Intel microcode updates (KB4346084) for Windows 10 version 1803 (Windows 10 April 2018 Update) and Windows Server Version 1803 (Server Core).
President Donald Trump signed the NIST Small Business Cybersecurity Act into law, legislation authored by U.S. Senators Brian Schatz (D-Hawai‘i) and James Risch (R-Idaho).