Mozilla has released Firefox version 67, ESR 60.7 and Thunderbird 60.7 to address multiple vulnerabilities.
Oracle has released its Critical Patch Update for January 2019 to include 284 vulnerability fixes across multiple products. Oracle continues to receive reports of remote attackers attempting to maliciously exploit unpatched vulnerabilities.
Attackers are using a variant of the infamous Mirai IoT botnet dubbed "Miori" to exploit a Remote Code Execution (RCE) vulnerability in ThinkPHP, a free open-source PHP framework.
A security researcher going by the name of SandboxEscaper has published online a new proof-of-concept (POC) for a new zero-day vulnerability that impacts Windows systems.
The critical zero-day "Scripting Engine Memory Corruption" vulnerability (CVE-2018-8653) is being actively exploited on Windows systems by hackers.
Cisco has patched a vulnerability in the authorization subsystem of Cisco's Adaptive Security Appliance (ASA)Software that could allow an authenticated, unprivileged remote attacker perform privileged actions by using the ASA web management interface.
WordPress released version 5.0.1 that fixes seven vulnerabilities.
Adobe published security updates to address vulnerabilities in Adobe Acrobat and Reader.
Microsoft issued the December 2018 Security Updates that include 39 unique vulnerability fixes, 9 of them rated critical.
The Department of Homeland Security and the Federal Bureau of Investigation issued a security alert warning bad actors are using SamSam ransomware to target industries across the United States and worldwide.