GitHub ran a security scan to find old vulnerabilities in JavaScript and Ruby libraries in over a half million public repositories. The scan results turned up over four million vulnerabilities and sent alerts to developers to patch the bugs. GitHub is leading software development platform used to host, review and manage software source code, used by millions of developers.
GitHub scans and finds 4M vulnerabilities Read More »
Citrix has released patches for Citrix XenServer that address several vulnerabilities. If exploited, an attacker or malicious administrator of a guest VM could crash or compromise certain XenServer hosts.
Citrix security updates for XenServer Read More »
Microsoft issued March 2018 Security Updates that includes 75 vulnerability fixes, 15 of them rated critical. The updates address multiple Microsoft products to include Windows, Internet Explorer, Edge, Exchange, Office, Office Services and Web Apps, ChakraCore, PowerShell and Adobe Flash.
Microsoft March 2018 patch updates Read More »
Security researchers from Trend Micro have spotted two vulnerabilities that are being exploited on popular CouchDB open source database management systems.
Apache CouchDB vulnerabilities exploited Read More »
Microsoft issued February 2018 Security Updates that includes more than 50 fixes, 14 of them critical. The updates address multiple Microsoft products to include Windows, Internet Explorer, Edge, Office, Office Services and Web Apps, ChakraCore and Adobe Flash.
Microsoft February 2018 Patch Updates Read More »
Lenovo warned its customers about two critical Broadcom WiFi vulnerabilities that affect 25 ThinkPad models. The firmware vulnerabilities impact Broadcom’s BCM4356 Wireless LAN Driver for Windows 10 and contain buffer overflow flaws.
Lenovo warns of critical WiFi vulnerabilities Read More »
Researchers at Proofpoint have been tracking a massive distributed botnet dubbed Smominru, a Monero cryptocurrency miner, that spreads using the EternalBlue Exploit (CVE-2017-0144).
Smominru mining botnet Read More »
A security researcher from TrustWave discovered multiple vulnerabilities in the Western Digital (WD) MyCloud network storage devices.
Vulnerabilities in WD MyCloud Read More »
Security researchers from ERPScan discovered a high severity vulnerability in MICROS point-of-sale (POS) terminals that could allow hackers to read sensitive data.
Oracle MICROS POS vulnerability Read More »
Intel said the root cause of the reboot issues have been identified. To that end, the company said customers and partners should not install its current versions of Spectre/Meltdown patches rolled out earlier this month as they “may introduce higher than expected reboots and other unpredictable system behavior.”
Intel issues new Spectre/Meltdown patch guidance Read More »
