The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long term compromise of an entity's network and SolarWinds systems.
Drupal has patched a Critical cross-site scripting (XSS) vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to compromise an affected system.
SonicWall has released urgent patches for Critical Email Security product zero-day vulnerabilities CVE-2021-20021, CVE-2021-20022 and CVE-2021-20023.
QNAP Systems, Inc. (QNAP) issued a statement strongly urging users to immediately update and run malware scans on QNAP NAS devices after recent reports of ransomware attacks involving Qlocker and eCh0raix.
Security researchers have spotted Tor-based botnet malware that targets Linux systems and cloud management tools to spread malware on victims' networks.
Google has released Chrome 90 security update 90.0.4430.85 for Windows, Mac and Linux with a fix one vulnerability CVE-2021-21224 exploited in the wild and patches for six other vulnerabilities.
Oracle has released its Critical Patch Update for April 2021 to include 390 vulnerability fixes across multiple products.
VMware issued a security advisory for a High severity privilege escalation vulnerability CVE-2021-21981 in VMware NSX-T.
The Mozilla Foundation has released Firefox 88 that includes security fixes for five High risk vulnerabilities and new protection against privacy leaks on the web.
The U.S. Department of Justice (DOJ) authorized the FBI to remove malicious web shells from hundreds of compromised and vulnerable Microsoft Exchange servers.