The Open Web Application Security Project (OWASP) has released its OWASP API Security Top 10 2019. This is the first version of the API Top 10 that OWASP will likely update every three to fours years, similar to its other Top 10 series.
Cisco has patched three critical vulnerabilities in its Data Center Network Manager (DCNM) software that could allow an attacker to bypass authentication. In addition, six High and two Medium severity DCNM software bugs were also addressed.
Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.
Cisco security experts have noticed a sudden spike in vulnerability exploits against Cisco Adaptive Security Appliance (ASA) and Firepower Appliance.
Twitter has fixed a vulnerability in Twitter for Android that could allow a hacker to view private account information or take control of your account.
Microsoft issued an out-of-bound security update for a SharePoint Server vulnerability CVE-2019-1491.
Google has released Chrome 79.0.3945.88 for Windows, Mac and Linux. The update includes one security fix. The company also added a Chrome browser update for Android.
Remote attackers have abused ConnectWise Control software to deliver ransomware to its victims. The latest attacks against a real estate company used ransomware dubbed "Zeppelin", a variant of the VegaLocker ransomware family.
TP-Link has patched a vulnerability in multiple Archer router models that could allow attackers to login without passwords.
WordPress has released version 5.3.1 security update that fixes multiple bugs. All WordPress versions 5.3 and earlier are affected.