Attackers Exploit Forta GoAnywhere Zero-day Vulnerability
Attackers have been exploiting a Forta GoAnywhere zero-day vulnerability (CVE-2023-0669).
Zero-day
Google fixes Chrome 108 zero-day vulnerability (CVE-2022-4262) exploited in the wild
Google has released Chrome 108.0.5359.94 for Mac and Linux and 108.0.5359.94/.95 for Windows with a fix for a High severity zero-day vulnerability (CVE-2022-4262) exploited in the wild.
Google fixes Chrome 107 zero-day vulnerability (CVE-2022-3723) exploited in the wild
Google has released Chrome 107.0.5304.87 for Mac and Linux and 107.0.5304.87/.88 for Windows with a fix for a High severity zero-day vulnerability CVE-2022-3723 exploited in the wild.
Apple releases new macOS Ventura 13, along with security updates for iOS zero-day and multiple Apple products
Apple has released new macOS Ventura 13, along with security updates for Apple iOS 16.1, iOS 15.7, macOS Monterey 12.6.1, macOS Big Sur 11.7.1, Safari 16.1, tvOS 16.1, and watchOS 9.1. One zero-day iOS vulnerability was also fixed.
Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities
Microsoft has released a new security update for two Microsoft Exchange Server zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed “ProxyNotShell” under limited targeted attacks in the wild.
Apple fixes zero-day vulnerability (CVE-2022-32893) in iOS 12.5.6 exploited in the wild
Apple has fixed a zero-day vulnerability (CVE-2022-32893) in iOS 12.5.6 under attack in the wild.
Google releases Chrome 104 security update with fixes for 11 vulnerabilities (1 zero-day CVE-2022-2856)
Google has released Chrome 104.0.5112.101 (Mac/Linux) and 104.0.5112.102/101 (Windows), with fixes for 11 vulnerabilities (one rated Critical and seven rated High severity). Additionally, one of the patches fixed a zero-day flaw CVE-2022-2856.
Google releases Chrome 103 security update with fix for zero-day vulnerability (CVE-2022-2294) exploited in the wild
Google has released Chrome 103.0.5060.114 for Windows with fixes for multiple vulnerabilities, to include one High severity zero-day (CVE-2022-2294) exploited in the wild.
Atlassian fixes Critical Confluence RCE vulnerability (CVE-2022-26134) exploited in the wild
Atlassian has fixed a Critical severity unauthenticated zero-day RCE vulnerability (CVE-2022-26134) in Confluence Server and Data Center.
Microsoft April 2022 Security Updates addresses 117 vulnerabilities (to include 2 zero-days)Â
The Microsoft April 2022 Security Updates includes patches and advisories for 117 vulnerabilities, ten of those rated Critical and two zero-day flaws.