In case you missed it last week, SaltStack released security updates to fix two critical Salt vulnerabilities. Multiple vendors that integrate Salt into their products have also released patches or workarounds to address the flaws.
Popular internet forum software maker vBulletin has patched a Critical vulnerability that affects multiple vBulletin 5 versions.
A large Snake ransomware campaign has targeted healthcare companies worldwide. One of the victims include Fresenius, Europe’s largest private hospital operator and leading healthcare company based out of Germany.
Cisco has released 12 High severity security advisories for Cisco Adaptive Security Appliance (ASA) Software and Firepower products. In addition, a security fix was also released to address a Snort HTTP detection engine file policy bypass Vulnerability.
The Mozilla Foundation has released Firefox 76 with new security protections for online account logins and passwords. The update also includes fixes for multiple vulnerabilities.
Google has released Chrome 81.0.4044.138 for Windows, Mac and Linux. An attacker could exploit these vulnerabilities to take control of impacted systems.
Microsoft has released new Zero Trust guidance for Azure Active Directory (Azure AD). The guidance is part of a broader "Zero Trust Security Strategy" to help organizations provide more secure access to corporate resources.
Oracle released a new warning that a previously patched Weblogic vulnerability CVE-2020-2883 is being exploited in the wild. The company further urged organizations should apply April CPUs without delay.
Cisco has released a High severity security update that fixes an IOS XE SD-WAN software command injection vulnerability CVE-2019-16011.
WordPress has released version 5.4.1 security update that fixes multiple bugs and security vulnerabilities. All WordPress versions 5.4 and earlier are affected.