Mozilla has released Firefox version 67, ESR 60.7 and Thunderbird 60.7 to address multiple vulnerabilities.
Oracle has released its Critical Patch Update for January 2019 to include 284 vulnerability fixes across multiple products. Oracle continues to receive reports of remote attackers attempting to maliciously exploit unpatched vulnerabilities.
Attackers are using a variant of the infamous Mirai IoT botnet dubbed “Miori” to exploit a Remote Code Execution (RCE) vulnerability in ThinkPHP, a free open-source PHP framework.
A security researcher going by the name of SandboxEscaper has published online a new proof-of-concept (POC) for a new zero-day vulnerability that impacts Windows systems.
The critical zero-day “Scripting Engine Memory Corruption” vulnerability (CVE-2018-8653) is being actively exploited on Windows systems by hackers.