Exploits and vulnerabilities

Patch now! Apple fixes in-the-wild iPhone vulnerabilities - Apple has patched two vulnerabilities in the WebKit browser rendering engine that are being used in the wild against older devices.
Microsoft fixes seven zero-days, including two PuzzleMaker targets, Google fixes serious Android flaw - A great many patches from different vendors have been released in the June security updates for Microsoft, Android, SAP, Cisco, and Adobe.
Falsifying and weaponizing certified PDFs - Certified PDFs are supposed to control modifications so that recipients know they haven't been tampered with. It doesn't always work.
Android patches for 4 in-the-wild bugs are out, but when will you get them? - New Android vulnerabilities have been discovered, and the patches have been made available. But despite the high severity of the vulnerabilities, some users may never get the update.
Pega Infinity patches authentication vulnerability - Pega Infinity is a popular enterprise software and researchers found a flaw in the authentication process by using a password reset weakness.
FragAttack: New Wi-Fi vulnerabilities that affect… basically everything - A researcher has uncovered a set of vulnerabilities in the way Wi-Fi and connected devices handle data packet fragmentation and aggregation.
Get patching! Wormable Windows flaw headlines Patch Tuesday - This month's Microsoft Patch Tuesday announcement includes fixes for four Critical bugs and 51 other flaws.
Spectre attacks come back from the dead - A team of researchers says it has rendered three years the Spectre defenses useless with new attacks.
Update now! Chrome needs patching against two in-the-wild exploits - Google has issued an update including two critical security fixes that were fast, but not quite fast enough.

Select your language