WinWAR and Openfire vulnerabilities exploited in the wild
CISA added Openfire (CVE-2023-32315) and WinRAR (CVE-2023-38831) vulnerabilities to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.
Vulnerabilities & Exploits
Securezoo Cybersecurity Threat Center blog posts of new vulnerabilities and exploits.
Microsoft Visual Studio, .NET vulnerability (CVE-2023-38180) under attack in the wild
Microsoft provided an update to previously released August security updates that confirmed a Microsoft Visual Studio, .NET vulnerability (CVE-2023-38180) is under attack in the wild.
Ford SYNC 3 infotainment system Wi-Fi vulnerability discovered
Ford Motor Company has recently announced that a Wi-Fi software driver vulnerability in its Ford SYNC 3 infotainment system was discovered by a researcher.
Top 12 Most Routinely Exploited vulnerabilities in 2022
Cybersecurity security agencies from the United States, United Kingdom, Australia, Canada and New Zealand have published the top 12 routinely exploited vulnerabilities in 2022.
Microsoft August 2023 Security Updates Fixes 74 Vulnerabilities (6 Critical severity)
The Microsoft August 2023 Security Updates includes patches and advisories for 74 vulnerabilities, including 6 Critical severity issues.
Apple patches zero-day vulnerabilities in iOS 16.6, macOS Ventura 13.5, and other products
Apple has released security updates for Apple iOS 16.6, macOS Ventura 13.5, macOS Monterey 12.6.8, Safari 16.6, Big Sur 11.7.9, and other products. In addition, multiple zero-day fixes were also addressed.
Critical MOVEit vulnerabilities exploited in the wild
Multiple Critical vulnerabilities have been discovered in Progress Software’s MOVEit Transfer solution. In May, a zero-day High severity SQL injection vulnerability CVE-2023-34362 that could allow authenticated attackers to gain access to the MOVEit Transfer database and other sensitive data.
Microsoft July 2023 Security Updates Fixes 132 Vulnerabilities (9 Critical, 6 zero-days)
The Microsoft July 2023 Security Updates includes patches and advisories for 132 vulnerabilities, including 9 Critical severity issues (6 zero-days exploited in the wild).
Mozilla Releases Firefox 115 With Fixes For 3 High Severity Vulnerabilities
The Mozilla Foundation has patched three High risk vulnerabilities in Firefox 115, as well as a number of other bug fixes.
Apple patches zero-day vulnerabilities in iOS 16.5.1, macOS Ventura 13.4.1, and other products
Apple has released security updates for Apple iOS 16.5.1, macOS Ventura 13.4.1, macOS Monterey 12.6.7, Safari 16.5.1, Big Sur 11.7.8, and other products. In addition, multiple zero-day fixes were also addressed.