Google has released Chrome 91 security update 91.0.4472.101 for Windows, Mac and Linux with fixes for multiple Critical or High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30551 exploited in the wild.
Microsoft has released the June 2021 Security updates that includes patches for 50 vulnerabilities, 5 of those rated Critical. The updates also include fixes for 6 zero-day flaws exploited in the wild.
A security researcher has published proof-of-concept (PoC) exploit code for a Windows HTTP protocol stack remote code execution (RCE) vulnerability CVE-2021-31166.
Microsoft has released the May 2021 Security updates that includes patches for 55 vulnerabilities, 4 of those rated Critical. The updates also include fixes for 3 zero-day flaws.
Apple has released security updates to fix vulnerabilities in iOS 14.5.1, macOS Big Sur 11.3.1, Safari 14.1, watchOS 7.4.1, and other products under active exploit in the wild.
Google has released Chrome 90 security update 90.0.4430.85 for Windows, Mac and Linux with a fix one vulnerability CVE-2021-21224 exploited in the wild and patches for six other vulnerabilities.
Google has released Chrome 89 security update 89.0.4389.128) for Windows, Mac and Linux with fixes for 2 vulnerabilities exploited in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.
Security researchers have warned legacy QNAP NAS devices are vulnerable to zero-day cyberattacks. Although QNAP patched two vulnerabilities in recent firmware updates, the company acknowledged patches were not yet available for certain legacy devices.
Energy giant Shell was the latest victim in a series of cyberattacks on customers of Accellion's legacy File Transfer Appliance (FTA) product used to transfer large files.