CISA added Openfire (CVE-2023-32315) and WinRAR (CVE-2023-38831) vulnerabilities to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.
Microsoft provided an update to previously released August security updates that confirmed a Microsoft Visual Studio, .NET vulnerability (CVE-2023-38180) is under attack in the wild.
Ford Motor Company has recently announced that a Wi-Fi software driver vulnerability in its Ford SYNC 3 infotainment system was discovered by a researcher.
Cybersecurity security agencies from the United States, United Kingdom, Australia, Canada and New Zealand have published the top 12 routinely exploited vulnerabilities in 2022.
Apple has released security updates for Apple iOS 16.6, macOS Ventura 13.5, macOS Monterey 12.6.8, Safari 16.6, Big Sur 11.7.9, and other products. In addition, multiple zero-day fixes were also addressed.
Multiple Critical vulnerabilities have been discovered in Progress Software’s MOVEit Transfer solution. In May, a zero-day High severity SQL injection vulnerability CVE-2023-34362 that could allow authenticated attackers to gain access to the MOVEit Transfer database and other sensitive data.
The Microsoft July 2023 Security Updates includes patches and advisories for 132 vulnerabilities, including 9 Critical severity issues (6 zero-days exploited in the wild).
Apple has released security updates for Apple iOS 16.5.1, macOS Ventura 13.4.1, macOS Monterey 12.6.7, Safari 16.5.1, Big Sur 11.7.8, and other products. In addition, multiple zero-day fixes were also addressed.
The Microsoft June 2023 Security Updates includes patches and advisories for 78 vulnerabilities, including 5 Critical severity issues. There were no zero-day vulnerabilities reported.
The Microsoft May 2023 Security Updates includes patches and advisories for 49 vulnerabilities, including 6 Critical severity issues and two zero-days (CVE-2023-29336, CVE-2023-24932) exploited in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) has added TP-Link, Apache Log4j2 and Oracle WebLogic vulnerabilities to its Known Exploited Vulnerabilities Catalog.
Security experts have discovered a new version of ViperSoftX, a malware that steals cryptocurrency and targets password managers, such as KeePass and 1Password.
The Cybersecurity and Infrastructure Security Agency (CISA) has added MinIO, PaperCut and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities Catalog.
Adobe has released six advisories addressing multiple vulnerabilities in Acrobat and Reader, Digital Editions, InCopy, Substance 3D Stager, Dimension, Substance 3D Designer products.
The Microsoft April 2023 Security Updates includes patches and advisories for 97 vulnerabilities, including 7 Critical severity issues and one zero-day exploited in the wild.
Apple has released security updates for Apple iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1 and Safari 16.4.1, with fixes for two zero-day vulnerabilities.
CISA added Openfire (CVE-2023-32315) and WinRAR (CVE-2023-38831) vulnerabilities to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.
Ford Motor Company has recently announced that a Wi-Fi software driver vulnerability in its Ford SYNC 3 infotainment system was discovered by a researcher.
