A group of hackers have been using compromised websites to launch watering hole attacks against iPhone users who visit the websites. The attacks also use five different exploit chains and exploit 0-day vulnerabilities that don't require any user interaction.
Apple released security updates and emergency patch for iOS and macOS (CVE-2019-8605). In all, the company released iOS 12.4.1, macOS Mohave 10.14.6, watchOS 5.3.1 and tvOS 12.4.1.
A joint effort between security firm Avast and a French cybercrime unit C3N has taken down a malicious worm dubbed Retadup that has affected thousands of machines.
Google has released a new security update for Chrome browser 76.0.3809.132 for Windows, Mac and Linux.
Hackers are targeting vulnerable VPN products from Pulse Secure and Fortinet that pose risks to enterprise networks.
Cisco has released security updates to patch critical vulnerabilities in Cisco Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data.
UK's cybersecurity organization NCSC issued a warning that Python 2 is fast approaching its end-of-life (EOL) on January 1, 2020. After that time, organizations will no longer be able to get bug fixes or security patches.
A security researcher discovered a backdoor in the popular web-based utility used to remotely manage Unix-based servers, to include Linux, FreeBSD and OpenBSD systems.
The Texas Department of Information Resources (DIR) has confirmed late Friday that 23 towns across Texas were victims of a coordinated ransomware attack.
Security researchers have identified a security vulnerability related to encryption on Bluetooth BR/EDR connections. As a result, an unauthenticated attacker near the vulnerable device could exploit the issue and escalate privileges or steal information.