The Apache Software Foundation has released new Apache Tomcat versions and mitigations to address a remote code execution (RCE) vulnerability.
Multiple VPN applications are vulnerable to not properly encrypting sensitive data and insecurely storing session cookies.
The Wi-Fi Alliance® issued a security update confirming the discovery of vulnerabilities in WPA3-Personal by security researchers. The vulnerabilities collectively dubbed "DragonBlood" is based on the underlying Dragonfly handshake used by WPA3.
Microsoft security researchers revealed additional details on how cyber attackers were able to exploit the 19 year old WinRar vulnerability last March.
Intel has released four security advisories to address vulnerabilities in multiple Intel products, to include Intel® Media SDK, Intel® Graphics Performance Analyzer for Linux, Microprocessor Memory Mapping and Intel® NUC.
Microsoft issued the April 2019 Security Updates that include 74 unique vulnerability fixes, 16 of them rated critical and two zero-days that were being actively exploited.
Samba has released fixes for two security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Check Point security researchers have discovered a vulnerability in security software that comes pre-installed in Xiaomi smartphones.
Researchers at FireEye have discovered links between the FIN6 cyber criminal group and LockerGoga and Ryuk ransomware used in recent cyber attacks.
The Apache Foundation has patched a high severity privilege escalation vulnerability in Apache HTTP Server 2.4 (releases 2.4.17 to 2.4.38). Web servers should be patched as soon as possible since the bug could allow attackers a way to gain "root" or full admin access to server.