Apple iOS 12.5.4 security update fixes two vulnerabilities exploited in the wild
Apple has released a security update for iOS 12.5.4 to fix two vulnerabilities (CVE-2021-30761 and CVE-2021-30762) exploited in the wild.
Thousands of unpatched VMware vCenter servers exposed on the internet
Security researchers have spotted thousands of vulnerable unpatched VMware vCenter servers exposed on the internet. Multiple proof-of-concepts (PoCs) have also been posted online for exploits against a remote code execution (RCE) vulnerability CVE-2021-21985.
7-year old polkit vulnerability could allow hackers root shell on Linux systems
A security researcher has discovered a seven-year old polkit privileged escalation vulnerability CVE-2021-3560 that could allow a remote attacker root shell access on Linux systems.
Google fixes Chrome zero-day (CVE-2021-30551) exploited in the wild
Google has released Chrome 91 security update 91.0.4472.101 for Windows, Mac and Linux with fixes for multiple Critical or High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30551 exploited in the wild.
SAP June 2021 Security Patch Day includes fix for Critical vulnerability in SAP NetWeaver AS ABAP and ABAP Platform
Software giant SAP has released June 2021 Security Patch Day that includes 20 separate security advisories and patches. One of the patches fixes a Critical vulnerability in SAP NetWeaver AS ABAP and ABAP Platform.
Microsoft June 2021 Security Updates includes fixes for 6 zero-day vulnerabilities
Microsoft has released the June 2021 Security updates that includes patches for 50 vulnerabilities, 5 of those rated Critical. The updates also include fixes for 6 zero-day flaws exploited in the wild.
Adobe releases security updates for Adobe Acrobat and Reader, other products
Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader, Adobe Connect, Photoshop, Experience Manager, Creative Cloud Desktop Application, RoboHelp Server, Photoshop Elements, Premiere Elements, After Effects and Animate.
Siloscape: The first malware to target Windows containers
Researchers have discovered the first known malware dubbed "Siloscape" targeting Windows containers to open a backdoor into poorly configured Kubernetes clusters.
Mozilla releases Firefox 89 with new privacy protections and nine security fixes
The Mozilla Foundation has released Firefox 89 that includes new privacy protections and security fixes for nine vulnerabilities, two rated High severity.
Drupal fixes ‘Moderately Critical’ XSS bug in CKEditor library
Drupal has patched a Moderately Critical cross-site scripting (XSS) vulnerability in Drupal Core.