Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
OpenSSL has patched two High severity vulnerabilities CVE-2021-3449 and CVE-2021-3450 in certain OpenSSL versions. As a result, a bad actor could exploit and launch a Denial of Service attack against impacted systems.
Cybersecurity experts discovered active exploits against vulnerable WordPress sites running previously patched Thrive Themes and plugins.
The Mozilla Foundation has released Firefox 87 that introduces a new feature 'SmartBlock for Private Browsing' along with security fixes for two High risk vulnerabilities.
Energy giant Shell was the latest victim in a series of cyberattacks on customers of Accellion's legacy File Transfer Appliance (FTA) product used to transfer large files.
Adobe has released a security update to address a Critical vulnerability CVE-2021-21087 in Adobe ColdFusion.
Security researchers are warning of mass scans and active exploits of a Critical vulnerability on F5 BIG-IP and BIG-IQ infrastructure. F5 patched the Critical remote code execution vulnerability CVE-2021-22986 nearly two weeks ago when the networking company confirmed an unauthenticated attacker could exploit the vulnerability.
Google has released Chrome 88 security update (89.0.4389.90) for Windows, Mac and Linux with fixes for five vulnerabilities. One of those vulnerabilities has been exploited in the wild (CVE-2021-21193).
Cybersecurity experts are warning exploits against organizations worldwide have grown ten-fold after recent Microsoft Exchange Server zero-day vulnerabilities were revealed.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent joint cybersecurity advisory on the Microsoft Exchange vulnerability exploits.