Researchers from Trend Micro have spotted threat actors exploiting the Spring4Shell vulnerability CVE-2022-22965 to weaponize and execute Mirai botnet.
Threat actors exploit Spring4Shell to weaponize and execute Mirai botnet Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) has added 3 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Sudo, SMBv1 and Microsoft HTTP Protocol Stack vulnerabilities.
The Mozilla Foundation has patched three High risk vulnerabilities in Firefox 99, as well as a number of other bug fixes.
Mozilla releases Firefox 99 with fixes for 3 High severity vulnerabilities Read More »
Google has released Chrome 100.0.4896.75 for Windows, Mac and Linux with fixes for just one High risk vulnerability. In addition, Google also issued security updates for Chrome for iOS, Chrome for Android and LTS-96.
GitLab has issued a security update to address a Critical vulnerability CVE-2022-1162 where static passwords were inadvertently set during OmniAuth-based registration.
In the past month, researchers from FortiLabs have detected a new cyber campaign involving Chinese Advanced Persistent Threat (APT) group Deep Panda that has exploited the Log4Shell (log4j) vulnerability CVE-2021-44228 on vulnerable VMware Horizon servers to install digitally signed Fire Chili rootkits.
The Cybersecurity and Infrastructure Security Agency (CISA) has added 7 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include vulnerabilities affecting Trend Micro, Sophos, Windows, QNAP, Dell, and Dasan products.
Spring has published new security fixes for Spring Framework “Spring4Shell” and Spring Cloud Function vulnerabilities.
Apple has released security updates for Apple iOS 15.4.1, iPadOS 15.4.1 and macOS Monterey 12.3.1 products. Apple is aware of known exploits in the wild for a zero-day vulnerabilities CVE-2022-22675 and CVE-2022-22674.
