The Mozilla Foundation has patched two Critical risk vulnerabilities in Firefox 100.0.2. An attacker could exploit these vulnerabilities to take control of impacted systems.
Over the past six months, Microsoft has observed a spike in cyberactivity of 254% from XorDdos, a trojan targeting Linux-based cloud systems and Internet of Things (IoT) devices.
The Internet Systems Consortium (ISC) has released a security update that fixes a High risk vulnerability CVE-2022-1183 in multiple versions of ISC Berkeley Internet Name Domain (BIND).
Apple has released security updates for Apple iOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, and other products. Apple is aware of known exploits in the wild for a zero-day vulnerability CVE-2022-22675 that affects macOS Big Sur, watchOS, and tvOS.
Unauthenticated attackers could exploit a Critical BIG-IP iControl REST vulnerability CVE-2022-1388 to execute arbitrary system commands, create or delete files, or disable services on BIG-IP systems.
The Microsoft May 2022 Security Updates include patches and advisories for 73 vulnerabilities, seven of those rated Critical severity and one zero-day flaw CVE-2022-26925.
The Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, including two Apple, two Microsoft and one OpenSSL vulnerability.
Google has released security updates for ChromeOS 101.0.4951.59 and Chrome 101 (101.0.4951.61) for Android with fixes for multiple High risk vulnerabilities.
Researchers from BlackBerry have discovered a redesigned remote access trojan DCRat that a lone cyber criminal is now offering as a homemade tool for opening “backdoors on a budget.”
The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.
Cisco has released security updates for Spring Framework (“Spring4Shell”), Firepower Management Center (FMC) and IOS XR software that address Critical and High severity vulnerabilities.
Researchers have found millions of Java applications still vulnerable in the wild to the infamous Log4Shell vulnerability CVE-2021-44228, more than four months after the severe flaw was discovered.
Microsoft researchers have discovered a collection of Linux vulnerabilities dubbed Nimbuspwn that could lead to privilege escalation as root on Linux desktop systems.