Cybersecurity
Threat Center Blog

The Microsoft May 2023 Security Updates includes patches and advisories for 49 vulnerabilities, including 6 Critical severity issues and two zero-days (CVE-2023-29336, CVE-2023-24932) exploited in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) has added TP-Link, Apache Log4j2 and Oracle WebLogic vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Security experts have discovered a new version of ViperSoftX, a malware that steals cryptocurrency and targets password managers, such as KeePass and 1Password.

The Cybersecurity and Infrastructure Security Agency (CISA) has added MinIO, PaperCut and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Oracle has released its Critical Patch Update for April 2023 to include 433 vulnerability fixes across multiple products.

The Mozilla Foundation has patched ten High risk vulnerabilities in Firefox 112, as well as a number of other bug fixes.

Adobe has released six advisories addressing multiple vulnerabilities in Acrobat and Reader, Digital Editions, InCopy, Substance 3D Stager, Dimension, Substance 3D Designer products.

The Microsoft April 2023 Security Updates includes patches and advisories for 97 vulnerabilities, including 7 Critical severity issues and one zero-day exploited in the wild.

Apple has released security updates for Apple iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1 and Safari 16.4.1, with fixes for two zero-day vulnerabilities.

The Cybersecurity and Infrastructure Security Agency (CISA) has added Veritas, Windows and Arm Mali GPU Kernel vulnerabilities to its Known Exploited Vulnerabilities Catalog.

The FBI, CISA, and MS-ISAC have released a joint cybersecurity advisory regarding LockBit 3.0 ransomware as identified through FBI investigations as recently as this month.

Google has released Chrome 111.0.5563.110 for Mac and Linux and Chrome 111.0.5563.110/.111 for Windows with fixes for seven High severity vulnerabilities.

The Microsoft March 2023 Security Updates includes patches and advisories for 101 vulnerabilities, including 9 Critical severity issues and two zero-days exploited in the wild.

Adobe has released eight advisories addressing multiple vulnerabilities in Adobe Commerce, Experience Manager, Illustrator, Dimension, Creative Cloud, Substance 3D Stager, Photoshop, and ColdFusion products.

CISA and FBI have published a joint cybersecurity alert on Royal ransomware used in recent cyberattacks as recently as January 2023. The ransomware uses a unique “partial encryption approach” to evade detection.

Researchers have discovered threat actors abusing legitimate open-source debugger tool for Windows to disguise PlugX trojan attacks.

Researchers have discovered threat actors launching zero-day attack against packages in the Python Package Index (PyPI) repository.

The Cybersecurity and Infrastructure Security Agency (CISA) has added IBM and Mitel vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Attackers have been exploiting a Forta GoAnywhere zero-day vulnerability (CVE-2023-0669).

The Microsoft February 2023 Security Updates includes patches and advisories for 79 vulnerabilities, including 9 Critical severity remote code execution issues and three zero-days exploited in the wild.