F5 has released fixes for 12 High severity vulnerabilities that affect BIG-IP and BIG-IQ products.
Sandworm threat actors, also known as Voodoo Bear, are now using a new malware dubbed Cyclops Blink, a replacement for VPNFilter malware previously exposed in 2018, to target small office/home office (SOHO) routers and network attached storage (NAS) devices.
Cisco has released a Critical security update for multiple vulnerabilities in Small Business RV Routers. Several of those vulnerabilities are rated Critical severity and have the highest rated CVSS score of 10.0.
Cisco has fixed five High risk Cisco IOS XR Software vulnerabilities in multiple network products, as well as a security update for OpenSSL vulnerabilities.
Researchers have discovered a Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches.
Cisco has fixed a Critical authentication bypass vulnerability CVE-2021-34746 in NFV Infrastructure Software (NFVIS) TACACS+ authentication, authorization and accounting (AAA) feature.
Juniper Networks has released an out-of-cycle emergency patch that fixes a “FragAttack” WiFi vulnerability in Juniper Networks Mist Access Points (APs).
CISA warned attackers continue to exploit Pulse Connect Secure vulnerabilities. The alert was issued after CISA confirmed malicious activity on public and private entity networks. Additional detection methods were also added on April 30.
Security researchers have discovered nine vulnerabilities collectively dubbed NAME:WRECK than can break DNS implementations in TCP/IP stacks and lead to denial of service or remote code execution. The experts also provided guidelines to organization on how to fix the issues.