Alibaba leaks billions of data points via Chinese web crawler
Alibaba's Chinese online shopping platform Taobao has suffered a data breach of over a billion data points that include usernames and mobile phone numbers.
SDK supply chain vulnerability exposes security cameras to hacking
A vulnerability in ThroughTek’s Kalay Platform software development hit (SDK) has exposed many security cameras used by original equipment manufacturers (OEMs) of consumer-grade security cameras and IoT devices.
Apple iOS 12.5.4 security update fixes two vulnerabilities exploited in the wild
Apple has released a security update for iOS 12.5.4 to fix two vulnerabilities (CVE-2021-30761 and CVE-2021-30762) exploited in the wild.
Thousands of unpatched VMware vCenter servers exposed on the internet
Security researchers have spotted thousands of vulnerable unpatched VMware vCenter servers exposed on the internet. Multiple proof-of-concepts (PoCs) have also been posted online for exploits against a remote code execution (RCE) vulnerability CVE-2021-21985.
7-year old polkit vulnerability could allow hackers root shell on Linux systems
A security researcher has discovered a seven-year old polkit privileged escalation vulnerability CVE-2021-3560 that could allow a remote attacker root shell access on Linux systems.
Google fixes Chrome zero-day (CVE-2021-30551) exploited in the wild
Google has released Chrome 91 security update 91.0.4472.101 for Windows, Mac and Linux with fixes for multiple Critical or High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30551 exploited in the wild.
SAP June 2021 Security Patch Day includes fix for Critical vulnerability in SAP NetWeaver AS ABAP and ABAP Platform
Software giant SAP has released June 2021 Security Patch Day that includes 20 separate security advisories and patches. One of the patches fixes a Critical vulnerability in SAP NetWeaver AS ABAP and ABAP Platform.
Microsoft June 2021 Security Updates includes fixes for 6 zero-day vulnerabilities
Microsoft has released the June 2021 Security updates that includes patches for 50 vulnerabilities, 5 of those rated Critical. The updates also include fixes for 6 zero-day flaws exploited in the wild.
Adobe releases security updates for Adobe Acrobat and Reader, other products
Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader, Adobe Connect, Photoshop, Experience Manager, Creative Cloud Desktop Application, RoboHelp Server, Photoshop Elements, Premiere Elements, After Effects and Animate.
Siloscape: The first malware to target Windows containers
Researchers have discovered the first known malware dubbed "Siloscape" targeting Windows containers to open a backdoor into poorly configured Kubernetes clusters.