Cisco has released a security updates for Spring Framework (“Spring4Shell”), Firepower Management Center (FMC) and IOS XR software that address Critical and High severity vulnerabilities.
Cisco issues security updates for Spring Framework, Firepower and IOS XR software Read More »
Researchers have found millions of Java applications still vulnerable in the wild to the infamous Log4Shell vulnerability CVE-2021-44228, more than four months after the severe flaw was discovered.
Millions of Java apps still vulnerable to Log4Shell Read More »
Microsoft researchers have discovered a collection of Linux vulnerabilities dubbed Nimbuspwn that could lead to privilege escalation as root on Linux desktop systems.
Microsoft discovers Nimbuspwn Linux vulnerabilities Read More »
Google has released Chrome 101.0.4951.41 for Windows, Mac and Linux with fixes for 30 vulnerabilities, to include seven rated High severity.
Google releases Chrome 101 security update with fixes for 30 vulnerabilities Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Dirty Pipe vulnerability and a Windows zero-day patched earlier this month.
The Federal Bureau of Investigation (FBI) has released new information on BlackCat (also known as ALPHV) ransomware as a service (RaaS), that has compromised at least 60 entities worldwide as of March 2022.
FBI: BlackCat ransomware has compromised 60 entities worldwide Read More »
Oracle has released its Critical Patch Update for April 2022 to include 520 vulnerability fixes across multiple products. The updates also include fixes for Log4j and Spring Framework vulnerabilities.
Oracle Critical Patch Update for April 2022 Read More »
US Government cybersecurity experts are warning of advanced persistent threat (APT) actors using custom tools to target and compromise multiple industrial control system (ICS) and supervisory control and data acquisition (SCADA) devices.
APT actors targeting ICS/SCADA Devices with custom tools Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) has added 9 vulnerabilities to its Known Exploited Vulnerabilities Catalog. The issues include recently patched Chrome zero-day CVE-2022-1364.
Google has released Chrome 100.0.4896.127 for Windows, Mac and Linux with fixes for two vulnerabilities, to include one zero-day (CVE-2022-1364) exploited in the wild.
