A group of hackers have been using compromised websites to launch watering hole attacks against iPhone users who visit the websites. The attacks also use five different exploit chains and exploit 0-day vulnerabilities that don't require any user interaction.
Mozilla has released a security update that fixes a critical vulnerability in Firefox 67.0.3 and Firefox ESR 60.7.1.
A security researcher released details on a new zero-day vulnerability that impacts the TP-Link All-in-One SR20 Smart Home Router and Hub.
A security researcher going by the name of SandboxEscaper has published online a new proof-of-concept (POC) for a new zero-day vulnerability that impacts Windows systems.
Microsoft issued the November 2018 Security Updates that include 62 unique vulnerability fixes, 12 of them rated critical.
A security researcher released the details of a VirtualBox vulnerability that affects VirtualBox 5.2.20 and earlier versions.
Cisco has just released a security advisory for a high severity zero-day denial of service (DOS) vulnerability that impacts Cisco's Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software.
A local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface of Windows task scheduler was discovered.
A security researcher was able to demonstrate in last week's Defcon conference how a vulnerability (CVE-2017-7150) in recent versions of macOS could be exploited and lead to a "synthetic" mouse-click cyber attack.
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. The update (APSB18-19) addresses two critical and two important vulnerabilities in Adobe Flash Player 126.96.36.199 and earlier versions.