Exploits and vulnerabilities

Sysrv botnet is out to mine Monero on your Windows and Linux servers - The Sysrv botnet has been developing over the last years, and has become a multi-platform botnet that specializes in Monero cryptomining.
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV - If you're an Apple user, make sure you patch for CVE-2022-22675, a zero-day flaw actively exported in the wild.
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed - A researcher has combined a chain of bugs into an attack method that makes it possible to take over Facebook accounts linked to Gmail.
F5 BIG-IP vulnerability is now being used to disable servers - At least one group of threat actors is using the recently patched vulnerability in F5 BIG-IP to wipe the file system of vulnerable devices.
Update now! Microsoft releases patches, including one for actively exploited zero-day - May's Patch Tuesday includes one actively exploited zero-day vulnerability and some other interesting ones.
Update now! F5 BIG-IP vulnerability being actively exploited - Only a few days after the release of the patch for a vulnerability in F5 BIG-IP, exploits were developed and are now being deployed.
Google fixes two critical Pixel vulnerabilities: Get your updates when you can! - Google has released updates for Android and its Pixel phone. We discuss the three vulnerabilities that were classified as critical.
Unfixed vulnerability in popular library puts IoT products at risk - Researchers have disclosed an unpatched vulnerability in the popular uClibc library that could allow attackers to use DNS poisoning.
Update now! Critical patches for Chrome and Edge - Google has released an update for the Chrome browser that includes 30 security fixes. Edge and other Chromium-based browsers also need updating.

Select your language